Detections
Analytics
FreeBSD : Gitlab -- Multiple vulnerabilities (56abf87b-96ad-11eb-a218-001b217b3468)
high Nessus Plugin ID 148526
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
Gitlab reports :Arbitrary File Read During Project Import
Kroki Arbitrary File Read/Write
Stored Cross-Site-Scripting in merge requests
Access data of an internal project through a public project fork as an anonymous user
Incident metric images can be deleted by any user
Infinite Loop When a User Access a Merge Request
Stored XSS in scoped labels
Admin CSRF in System Hooks Execution Through API
Update OpenSSL dependency
Update PostgreSQL dependency
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 148526
File Name: freebsd_pkg_56abf87b96ad11eba218001b217b3468.nasl
Version: 1.1
Type: local
Family: FreeBSD Local Security Checks
Published: 4/14/2021
Updated: 4/14/2021
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:gitlab-ce, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 4/6/2021
Vulnerability Publication Date: 3/31/2021