FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a003b74f-d7b3-11ea-9df1-001b217b3468	Gitlab -- Multiple Vulnerabilities Gitlab reports: Arbitrary File Read when Moving an Issue Memory Exhaustion via Excessive Logging of Invite Email Error Denial of Service Through Project Import Feature User Controlled Git Configuration Settings Resulting in SSRF Stored XSS in Issue Reference Number Tooltip Stored XSS in Issues List via Milestone Title Improper Access Control After Group Transfer Bypass Email Verification Required for OAuth Flow Confusion When Using Hexadecimal Branch Names Insufficient OAuth Revocation Improper Access Control for Project Sharing Stored XSS in Jobs Page Improper Access Control of Applications Page SSRF into Shared Runner Update Kramdown Gem Discovery 2020-08-05 Entry 2020-08-06 Modified 2020-08-25 gitlab-ce lt 13.3.0 https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/ CVE-2020-10977 CVE-2020-13280 CVE-2020-13281 CVE-2020-14001

VuXML ID

Description

a003b74f-d7b3-11ea-9df1-001b217b3468

Gitlab -- Multiple Vulnerabilities

Gitlab reports:

Arbitrary File Read when Moving an Issue

Memory Exhaustion via Excessive Logging of Invite Email Error

Denial of Service Through Project Import Feature

User Controlled Git Configuration Settings Resulting in SSRF

Stored XSS in Issue Reference Number Tooltip

Stored XSS in Issues List via Milestone Title

Improper Access Control After Group Transfer

Bypass Email Verification Required for OAuth Flow

Confusion When Using Hexadecimal Branch Names

Insufficient OAuth Revocation

Improper Access Control for Project Sharing

Stored XSS in Jobs Page

Improper Access Control of Applications Page

SSRF into Shared Runner

Update Kramdown Gem

Discovery 2020-08-05
Entry 2020-08-06
Modified 2020-08-25
gitlab-ce

lt 13.3.0

https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-10977
CVE-2020-13280
CVE-2020-13281
CVE-2020-14001