FreeBSD : Gitlab — Multiple Vulnerabilities (89fdbd85-ebd2-11ed-9c88-001b217b3468)
Description

The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 89fdbd85-ebd2-11ed-9c88-001b217b3468 advisory.

– An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, any GitLab user account on the instance may use a GraphQL endpoint to attach a malicious runner to any project on the instance. (CVE-2023-2478)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.