FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3507bfb3-85d5-11ec-8c9c-001b217b3468Gitlab -- multiple vulnerabilities

Gitlab reports:

Arbitrary POST requests via special HTML attributes in Jupyter Notebooks

DNS Rebinding vulnerability in Irker IRC Gateway integration

Missing certificate validation for external CI services

Blind SSRF Through Project Import

Open redirect vulnerability in Jira Integration

Issue link was disclosing the linked issue

Service desk email accessible by project non-members

Authenticated users can search other users by their private email

"External status checks" can be accepted by users below developer access if the user is either author or assignee of the target merge request

Deleting packages in bulk from package registries may cause table locks

Autocomplete enabled on specific pages

Possible SSRF due to not blocking shared address space

System notes reveals private project path when Issue is moved to a public project

Timeout for pages using Markdown

Certain branch names could not be protected


Discovery 2022-02-03
Entry 2022-02-04
gitlab-ce
ge 14.7.0 lt 14.7.1

ge 14.6.0 lt 14.6.4

ge 0 lt 14.5.4

CVE-2022-0427
CVE-2022-0425
CVE-2022-0123
CVE-2022-0136
CVE-2022-0283
CVE-2022-0390
CVE-2022-0373
CVE-2022-0371
CVE-2021-39943
CVE-2022-0477
CVE-2022-0167
CVE-2022-0249
CVE-2022-0344
CVE-2022-0488
CVE-2021-39931
https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-released/