FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c5bd9068-440f-11ea-9cdb-001b217b3468	Gitlab -- Multiple Vulnerabilities Gitlab reports: Path Traversal to Arbitrary File Read User Permissions Not Validated in ProjectExportWorker XSS Vulnerability in File API Package and File Disclosure through GitLab Workhorse XSS Vulnerability in Create Groups Issue and Merge Request Activity Counts Exposed Email Confirmation Bypass Using AP Disclosure of Forked Private Project Source Code Private Project Names Exposed in GraphQL queries Disclosure of Issues and Merge Requests via Todos Denial of Service via AsciiDoc Last Pipeline Status Exposed Arbitrary Change of Pipeline Status Grafana Token Displayed in Plaintext Update excon gem Update rdoc gem Update rack-cors gem Update rubyzip gem Discovery 2020-01-30 Entry 2020-01-31 gitlab-ce ge 12.7.0 lt 12.7.4 ge 12.6.0 lt 12.6.6 ge 5.3 lt 12.5.9 CVE-2020-7971 CVE-2020-7967 https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/ CVE-2020-7966 CVE-2020-8114 CVE-2020-7973 CVE-2020-6833 CVE-2020-7972 CVE-2020-7968 CVE-2020-7979 CVE-2020-7969 CVE-2020-7978 CVE-2020-7974 CVE-2020-7977 CVE-2020-7976 CVE-2019-16779 CVE-2019-18978 CVE-2019-16892

VuXML ID

Description

c5bd9068-440f-11ea-9cdb-001b217b3468

Gitlab -- Multiple Vulnerabilities

Gitlab reports:

Path Traversal to Arbitrary File Read

User Permissions Not Validated in ProjectExportWorker

XSS Vulnerability in File API

Package and File Disclosure through GitLab Workhorse

XSS Vulnerability in Create Groups

Issue and Merge Request Activity Counts Exposed

Email Confirmation Bypass Using AP

Disclosure of Forked Private Project Source Code

Private Project Names Exposed in GraphQL queries

Disclosure of Issues and Merge Requests via Todos

Denial of Service via AsciiDoc

Last Pipeline Status Exposed

Arbitrary Change of Pipeline Status

Grafana Token Displayed in Plaintext

Update excon gem

Update rdoc gem

Update rack-cors gem

Update rubyzip gem

Discovery 2020-01-30
Entry 2020-01-31
gitlab-ce

ge 12.7.0 lt 12.7.4

ge 12.6.0 lt 12.6.6

ge 5.3 lt 12.5.9

CVE-2020-7971
CVE-2020-7967
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7966
CVE-2020-8114
CVE-2020-7973
CVE-2020-6833
CVE-2020-7972
CVE-2020-7968
CVE-2020-7979
CVE-2020-7969
CVE-2020-7978
CVE-2020-7974
CVE-2020-7977
CVE-2020-7976
CVE-2019-16779
CVE-2019-18978
CVE-2019-16892