FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
5d5e5cda-38e6-11eb-bbbf-001b217b3468Gitlab -- Multiple vulnerabilities

Gitlab reports:

XSS in Zoom Meeting URL

Limited Information Disclosure in Private Profile

User email exposed via GraphQL endpoint

Group and project membership potentially exposed via GraphQL

Search terms logged in search parameter in rails logs

Un-authorised access to feature flag user list

A specific query on the explore page causes statement timeouts

Exposure of starred projects on private user profiles

Uncontrolled Resource Consumption in any Markdown field using Mermaid

Former group members able to view updates to confidential epics

Update GraphicsMagick dependency

Update GnuPG dependency

Update libxml dependency


Discovery 2020-12-07
Entry 2020-12-07
gitlab-ce
ge 13.6.0 lt 13.6.2

ge 13.5.0 lt 13.5.5

ge 12.2 lt 13.4.9

https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-26407
CVE-2020-26408
CVE-2020-13357
CVE-2020-26411
CVE-2020-26409