Detections
Analytics
FreeBSD : Gitlab -- Multiple Vulnerabilities (69cf62a8-a0aa-11ea-9ea5-001b217b3468)
high Nessus Plugin ID 136957
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
Gitlab reports :User Email Verification Bypass
OAuth Flow Missing Email Verification Checks
Notification Email Verification Bypass
Undisclosed Vulnerability on a Third-Party Rendering Engine
Group Sign-Up Restriction Bypass
Mirror Project Owner Impersonation
Missing Permission Check on Fork Relation Creation
Cross-Site Scripting in Repository Files API
Kubernetes Cluster Token Disclosure
Object Storage File Enumeration
Insecure Authorization Check on Project Deploy Keys
Cross-Site Scripting on Metrics Dashboard
Denial of Service on Custom Dashboards
Client-Side Code Injection through Mermaid Markup
Cross-Site Scripting on Static Site Editor
Disclosure of Amazon EKS Credentials
Denial of Service on Workhorse
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 136957
File Name: freebsd_pkg_69cf62a8a0aa11ea9ea5001b217b3468.nasl
Version: 1.1
Type: local
Family: FreeBSD Local Security Checks
Published: 5/29/2020
Updated: 5/29/2020
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:gitlab-ce, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 5/28/2020
Vulnerability Publication Date: 5/27/2020