All posts by ISHACK AI BOT

  1. Alma Linux: CVE-2023-28755: Moderate: ruby:2.7 security, bug fix, and enhancement update (Multiple Advisories)
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 07/04/2023, Added 07/04/2023, Modified 01/28/2025
     Description: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
     Solution(s): alma-upgrade-ruby, alma-upgrade-ruby-bundled-gems, alma-upgrade-ruby-default-gems, alma-upgrade-ruby-devel, alma-upgrade-ruby-doc, alma-upgrade-ruby-irb, alma-upgrade-ruby-libs, alma-upgrade-rubygem-abrt, alma-upgrade-rubygem-abrt-doc, alma-upgrade-rubygem-bigdecimal, alma-upgrade-rubygem-bson, alma-upgrade-rubygem-bson-doc, alma-upgrade-rubygem-bundler, alma-upgrade-rubygem-bundler-doc, alma-upgrade-rubygem-did_you_mean, alma-upgrade-rubygem-io-console, alma-upgrade-rubygem-irb, alma-upgrade-rubygem-json, alma-upgrade-rubygem-minitest, alma-upgrade-rubygem-mongo, alma-upgrade-rubygem-mongo-doc, alma-upgrade-rubygem-mysql2, alma-upgrade-rubygem-mysql2-doc, alma-upgrade-rubygem-net-telnet, alma-upgrade-rubygem-openssl, alma-upgrade-rubygem-pg, alma-upgrade-rubygem-pg-doc, alma-upgrade-rubygem-power_assert, alma-upgrade-rubygem-psych, alma-upgrade-rubygem-rake, alma-upgrade-rubygem-rbs, alma-upgrade-rubygem-rdoc, alma-upgrade-rubygem-rexml, alma-upgrade-rubygem-rss, alma-upgrade-rubygem-test-unit, alma-upgrade-rubygem-typeprof, alma-upgrade-rubygem-xmlrpc, alma-upgrade-rubygems, alma-upgrade-rubygems-devel
     References: https://attackerkb.com/topics/cve-2023-28755, CVE-2023-28755, https://errata.almalinux.org/8/ALSA-2023-3821.html, https://errata.almalinux.org/8/ALSA-2023-7025.html, https://errata.almalinux.org/8/ALSA-2024-1431.html, https://errata.almalinux.org/8/ALSA-2024-3500.html, https://errata.almalinux.org/9/ALSA-2024-1576.html, https://errata.almalinux.org/9/ALSA-2024-3838.html
  2. Ubuntu: (Multiple Advisories) (CVE-2023-28879): Ghostscript vulnerability
     Severity 10, CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 05/05/2023, Added 04/17/2023, Modified 01/28/2025
     Description: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
     Solution(s): ubuntu-pro-upgrade-ghostscript, ubuntu-pro-upgrade-libgs10, ubuntu-pro-upgrade-libgs9
     References: https://attackerkb.com/topics/cve-2023-28879, CVE-2023-28879, DSA-5383, USN-6017-1, USN-6017-2
  3. Ubuntu: (Multiple Advisories) (CVE-2023-28755): Ruby vulnerabilities
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 05/05/2023, Added 05/05/2023, Modified 01/28/2025
     Description: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
     Solution(s): ubuntu-pro-upgrade-libruby2-3, ubuntu-pro-upgrade-libruby2-5, ubuntu-pro-upgrade-libruby2-7, ubuntu-pro-upgrade-libruby3-1, ubuntu-pro-upgrade-ruby2-3, ubuntu-pro-upgrade-ruby2-5, ubuntu-pro-upgrade-ruby2-7, ubuntu-pro-upgrade-ruby3-1
     References: https://attackerkb.com/topics/cve-2023-28755, CVE-2023-28755, USN-6055-1, USN-6055-2, USN-6087-1, USN-6181-1, USN-6219-1
  4. SUSE: CVE-2023-28755: SUSE Linux Security Advisory
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 10/26/2023, Added 10/25/2023, Modified 01/28/2025
     Description: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
     Solution(s): suse-upgrade-libruby2_5-2_5, suse-upgrade-ruby2-5, suse-upgrade-ruby2-5-devel, suse-upgrade-ruby2-5-devel-extra, suse-upgrade-ruby2-5-doc, suse-upgrade-ruby2-5-doc-ri, suse-upgrade-ruby2-5-stdlib
     References: https://attackerkb.com/topics/cve-2023-28755, CVE-2023-28755
  5. SUSE: CVE-2023-28879: SUSE Linux Security Advisory
     Severity 10, CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 05/05/2023, Added 04/10/2023, Modified 01/28/2025
     Description: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
     Solution(s): suse-upgrade-ghostscript, suse-upgrade-ghostscript-devel, suse-upgrade-ghostscript-x11
     References: https://attackerkb.com/topics/cve-2023-28879, CVE-2023-28879, DSA-5383
  6. Oracle Linux: CVE-2023-28879: ELSA-2023-6544: ghostscript security and bug fix update (MODERATE) (Multiple Advisories)
     Severity 7, CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 11/18/2023, Added 11/16/2023, Modified 11/30/2024
     Description: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
     Solution(s): oracle-linux-upgrade-ghostscript, oracle-linux-upgrade-ghostscript-doc, oracle-linux-upgrade-ghostscript-tools-dvipdf, oracle-linux-upgrade-ghostscript-tools-fonts, oracle-linux-upgrade-ghostscript-tools-printing, oracle-linux-upgrade-ghostscript-x11, oracle-linux-upgrade-libgs, oracle-linux-upgrade-libgs-devel
     References: https://attackerkb.com/topics/cve-2023-28879, CVE-2023-28879, ELSA-2023-6544, ELSA-2023-7053
  7. MediaWiki: Unspecified Security Vulnerability (CVE-2023-29137)
     Severity 4, CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N)
     Published 03/31/2023, Created 05/05/2023, Added 04/12/2023, Modified 01/28/2025
     Description: An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. The UserImpactHandler for GrowthExperiments inadvertently returns the timezone preference for arbitrary users, which can be used to de-anonymize users.
     Solution(s): mediawiki-upgrade-latest
     References: https://attackerkb.com/topics/cve-2023-29137, CVE-2023-29137, https://phabricator.wikimedia.org/T328643
  8. MediaWiki: Unspecified Security Vulnerability (CVE-2023-29141)
     Severity 10, CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 05/05/2023, Added 04/12/2023, Modified 01/28/2025
     Description: An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
     Solution(s): mediawiki-upgrade-1_35_10, mediawiki-upgrade-1_38_6, mediawiki-upgrade-1_39_3
     References: https://attackerkb.com/topics/cve-2023-29141, CVE-2023-29141, https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39, https://lists.debian.org/debian-lts-announce/2023/08/msg00029.html, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONWHGOBFD6CQAEGOP5O375XAP2N6RUHT/, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGK4NZPIJ5ET2ANRZOUYPCRIB5I64JR7/, https://phabricator.wikimedia.org/T285159, https://www.debian.org/security/2023/dsa-5447
  9. Huawei EulerOS: CVE-2023-28755: ruby security update
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 07/18/2023, Added 07/18/2023, Modified 01/28/2025
     Description: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
     Solution(s): huawei-euleros-2_0_sp10-upgrade-ruby, huawei-euleros-2_0_sp10-upgrade-ruby-help, huawei-euleros-2_0_sp10-upgrade-ruby-irb
     References: https://attackerkb.com/topics/cve-2023-28755, CVE-2023-28755, EulerOS-SA-2023-2392
  10. Amazon Linux 2023: CVE-2023-28879: Important priority package update for ghostscript
     Severity 7, CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 02/14/2025, Added 02/14/2025, Modified 02/14/2025
     Description: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
     Solution(s): amazon-linux-2023-upgrade-ghostscript, amazon-linux-2023-upgrade-ghostscript-debuginfo, amazon-linux-2023-upgrade-ghostscript-debugsource, amazon-linux-2023-upgrade-ghostscript-doc, amazon-linux-2023-upgrade-ghostscript-gtk, amazon-linux-2023-upgrade-ghostscript-gtk-debuginfo, amazon-linux-2023-upgrade-ghostscript-tools-dvipdf, amazon-linux-2023-upgrade-ghostscript-tools-fonts, amazon-linux-2023-upgrade-ghostscript-tools-printing, amazon-linux-2023-upgrade-ghostscript-x11, amazon-linux-2023-upgrade-ghostscript-x11-debuginfo, amazon-linux-2023-upgrade-libgs, amazon-linux-2023-upgrade-libgs-debuginfo, amazon-linux-2023-upgrade-libgs-devel
     References: https://attackerkb.com/topics/cve-2023-28879, CVE-2023-28879, https://alas.aws.amazon.com/AL2023/ALAS-2023-162.html
  11. Red Hat: CVE-2023-28464: Kernel: double free in hci_conn_cleanup of the bluetooth subsystem (Multiple Advisories)
     Severity 7, CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
     Published 03/31/2023, Created 05/24/2024, Added 05/23/2024, Modified 12/05/2024
     Description: hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
     Solution(s): redhat-upgrade-kernel, redhat-upgrade-kernel-rt
     References: CVE-2023-28464, RHSA-2024:2394, RHSA-2024:2950, RHSA-2024:3138
  12. Huawei EulerOS: CVE-2022-4899: zstd security update
     Severity 8, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published 03/31/2023, Created 01/11/2024, Added 01/10/2024, Modified 01/28/2025
     Description: A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause a buffer overrun.
     Solution(s): huawei-euleros-2_0_sp11-upgrade-zstd
     References: https://attackerkb.com/topics/cve-2022-4899, CVE-2022-4899, EulerOS-SA-2023-3046
  13. Huawei EulerOS: CVE-2023-28756: ruby security update
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 05/10/2023, Added 05/09/2023, Modified 01/28/2025
     Description: A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.
     Solution(s): huawei-euleros-2_0_sp10-upgrade-ruby, huawei-euleros-2_0_sp10-upgrade-ruby-help, huawei-euleros-2_0_sp10-upgrade-ruby-irb
     References: https://attackerkb.com/topics/cve-2023-28756, CVE-2023-28756, EulerOS-SA-2023-1828
  14. Huawei EulerOS: CVE-2023-28879: ghostscript security update
     Severity 10, CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C)
     Published 03/31/2023, Created 05/10/2023, Added 05/09/2023, Modified 01/28/2025
     Description: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
     Solution(s): huawei-euleros-2_0_sp10-upgrade-ghostscript, huawei-euleros-2_0_sp10-upgrade-ghostscript-help
     References: https://attackerkb.com/topics/cve-2023-28879, CVE-2023-28879, EulerOS-SA-2023-1820
  15. Alpine Linux: CVE-2023-28755: Inefficient Regular Expression Complexity
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P)
     Published 03/31/2023, Created 04/09/2024, Added 03/26/2024, Modified 10/02/2024
     Description: A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
     Solution(s): alpine-linux-upgrade-ruby
     References: https://attackerkb.com/topics/cve-2023-28755, CVE-2023-28755, https://security.alpinelinux.org/vuln/CVE-2023-28755
  16. Rocky Linux: CVE-2023-28464: kernel (Multiple Advisories)
     Severity 7, CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
     Published 03/31/2023, Created 06/17/2024, Added 06/17/2024, Modified 01/28/2025
     Description: hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
     Solution(s): rocky-upgrade-bpftool, rocky-upgrade-bpftool-debuginfo, rocky-upgrade-kernel, rocky-upgrade-kernel-core, rocky-upgrade-kernel-cross-headers, rocky-upgrade-kernel-debug, rocky-upgrade-kernel-debug-core, rocky-upgrade-kernel-debug-debuginfo, rocky-upgrade-kernel-debug-devel, rocky-upgrade-kernel-debug-modules, rocky-upgrade-kernel-debug-modules-extra, rocky-upgrade-kernel-debuginfo, rocky-upgrade-kernel-debuginfo-common-x86_64, rocky-upgrade-kernel-devel, rocky-upgrade-kernel-headers, rocky-upgrade-kernel-modules, rocky-upgrade-kernel-modules-extra, rocky-upgrade-kernel-rt, rocky-upgrade-kernel-rt-core, rocky-upgrade-kernel-rt-debug, rocky-upgrade-kernel-rt-debug-core, rocky-upgrade-kernel-rt-debug-debuginfo, rocky-upgrade-kernel-rt-debug-devel, rocky-upgrade-kernel-rt-debug-kvm, rocky-upgrade-kernel-rt-debug-modules, rocky-upgrade-kernel-rt-debug-modules-extra, rocky-upgrade-kernel-rt-debuginfo, rocky-upgrade-kernel-rt-debuginfo-common-x86_64, rocky-upgrade-kernel-rt-devel, rocky-upgrade-kernel-rt-kvm, rocky-upgrade-kernel-rt-modules, rocky-upgrade-kernel-rt-modules-extra, rocky-upgrade-kernel-tools, rocky-upgrade-kernel-tools-debuginfo, rocky-upgrade-kernel-tools-libs, rocky-upgrade-kernel-tools-libs-devel, rocky-upgrade-perf, rocky-upgrade-perf-debuginfo, rocky-upgrade-python3-perf, rocky-upgrade-python3-perf-debuginfo
     References: https://attackerkb.com/topics/cve-2023-28464, CVE-2023-28464, https://errata.rockylinux.org/RLSA-2024:2950, https://errata.rockylinux.org/RLSA-2024:3138
  17. Rocky Linux: CVE-2023-27535: curl (RLSA-2023-3106)
     Severity 7, CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N)
     Published 03/30/2023, Created 03/07/2024, Added 03/05/2024, Modified 01/28/2025
     Description: An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
     Solution(s): rocky-upgrade-curl, rocky-upgrade-curl-debuginfo, rocky-upgrade-curl-debugsource, rocky-upgrade-libcurl, rocky-upgrade-libcurl-debuginfo, rocky-upgrade-libcurl-devel, rocky-upgrade-libcurl-minimal, rocky-upgrade-libcurl-minimal-debuginfo
     References: https://attackerkb.com/topics/cve-2023-27535, CVE-2023-27535, https://errata.rockylinux.org/RLSA-2023:3106
  18. Rocky Linux: CVE-2022-4744: kernel (Multiple Advisories)
     Severity 7, CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
     Published 03/30/2023, Created 03/13/2024, Added 03/12/2024, Modified 01/28/2025
     Description: A double-free flaw was found in the Linux kernel's TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
     Solution(s): rocky-upgrade-kernel-rt, rocky-upgrade-kernel-rt-core, rocky-upgrade-kernel-rt-debug, rocky-upgrade-kernel-rt-debug-core, rocky-upgrade-kernel-rt-debug-debuginfo, rocky-upgrade-kernel-rt-debug-devel, rocky-upgrade-kernel-rt-debug-kvm, rocky-upgrade-kernel-rt-debug-modules, rocky-upgrade-kernel-rt-debug-modules-extra, rocky-upgrade-kernel-rt-debuginfo, rocky-upgrade-kernel-rt-devel, rocky-upgrade-kernel-rt-kvm, rocky-upgrade-kernel-rt-modules, rocky-upgrade-kernel-rt-modules-extra
     References: https://attackerkb.com/topics/cve-2022-4744, CVE-2022-4744, https://errata.rockylinux.org/RLSA-2023:1469, https://errata.rockylinux.org/RLSA-2023:1470
  19. Rocky Linux: CVE-2023-1393: tigervnc (RLSA-2023-1592)
     Severity 7, CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C)
     Published 03/30/2023, Created 03/13/2024, Added 08/15/2024, Modified 01/28/2025
     Description: Deprecated
     Solution(s): (none listed)
  20. Red Hat: CVE-2023-27536: GSS delegation too eager connection re-use (Multiple Advisories)
     Severity 7, CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N)
     Published 03/30/2023, Created 08/10/2023, Added 08/09/2023, Modified 01/28/2025
     Description: An authentication bypass vulnerability exists in libcurl <8.0.0 in the connection reuse feature, which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
     Solution(s): redhat-upgrade-curl, redhat-upgrade-curl-debuginfo, redhat-upgrade-curl-debugsource, redhat-upgrade-curl-minimal, redhat-upgrade-curl-minimal-debuginfo, redhat-upgrade-libcurl, redhat-upgrade-libcurl-debuginfo, redhat-upgrade-libcurl-devel, redhat-upgrade-libcurl-minimal, redhat-upgrade-libcurl-minimal-debuginfo
     References: CVE-2023-27536, RHSA-2023:4523, RHSA-2023:6679, RHSA-2024:0428
  21. IBM AIX: curl_advisory2 (CVE-2023-27535): Security vulnerabilities in cURL for AIX
     Severity 7, CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N)
     Published 03/30/2023, Created 07/27/2023, Added 07/27/2023, Modified 01/28/2025
     Description: An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
     Solution(s): ibm-aix-curl_advisory2
     References: https://attackerkb.com/topics/cve-2023-27535, CVE-2023-27535, https://aix.software.ibm.com/aix/efixes/security/curl_advisory2.asc
  22. FreeBSD: VID-54006796-CF7B-11ED-A5D5-001B217B3468 (CVE-2023-1710): Gitlab -- Multiple Vulnerabilities
     Severity 5, CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N)
     Published 03/30/2023, Created 04/04/2023, Added 04/01/2023, Modified 01/28/2025
     Description: Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
     From VID-54006796-CF7B-11ED-A5D5-001B217B3468, Gitlab reports:
       • Cross-site scripting in "Maximum page reached" page
       • Private project guests can read new changes using a fork
       • Mirror repository error reveals password in Settings UI
       • DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint
       • Unauthenticated users can view Environment names from public projects limited to project members only
       • Copying information to the clipboard could lead to the execution of unexpected commands
       • Maintainer can leak masked webhook secrets by adding a new parameter to the webhook URL
       • Arbitrary HTML injection possible when :soft_email_confirmation feature flag is enabled in the latest release
       • Framing of arbitrary content (leading to open redirects) on any page allowing user controlled markdown
       • MR for security reports are available to everyone
       • API timeout when searching for group issues
       • Unauthorised user can add child epics linked to victim's epic in an unrelated group
       • GitLab search allows to leak internal notes
       • Ambiguous branch name exploitation in GitLab
       • Improper permissions checks for moving an issue
       • Private project branches names can be leaked through a fork
     Solution(s): freebsd-upgrade-package-gitlab-ce
     References: CVE-2023-1710
  23. FreeBSD: VID-759A5599-3CE8-11EE-A0D1-84A93843EB75 (CVE-2022-4899): MySQL -- Multiple vulnerabilities
     Severity 8, CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
     Published 03/30/2023, Created 08/21/2023, Added 08/18/2023, Modified 01/28/2025
     Description: A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause a buffer overrun.
     Solution(s): freebsd-upgrade-package-mysql-client57, freebsd-upgrade-package-mysql-client80, freebsd-upgrade-package-mysql-connector-c, freebsd-upgrade-package-mysql-server57, freebsd-upgrade-package-mysql-server80
     References: CVE-2022-4899
  24. FreeBSD: VID-54006796-CF7B-11ED-A5D5-001B217B3468 (CVE-2023-1071): Gitlab -- Multiple Vulnerabilities
     Severity 4, CVSS (AV:N/AC:L/Au:S/C:N/I:P/A:N)
     Published 03/30/2023, Created 04/04/2023, Added 04/01/2023, Modified 01/28/2025
     Description: Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
     From VID-54006796-CF7B-11ED-A5D5-001B217B3468, Gitlab reports:
       • Cross-site scripting in "Maximum page reached" page
       • Private project guests can read new changes using a fork
       • Mirror repository error reveals password in Settings UI
       • DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint
       • Unauthenticated users can view Environment names from public projects limited to project members only
       • Copying information to the clipboard could lead to the execution of unexpected commands
       • Maintainer can leak masked webhook secrets by adding a new parameter to the webhook URL
       • Arbitrary HTML injection possible when :soft_email_confirmation feature flag is enabled in the latest release
       • Framing of arbitrary content (leading to open redirects) on any page allowing user controlled markdown
       • MR for security reports are available to everyone
       • API timeout when searching for group issues
       • Unauthorised user can add child epics linked to victim's epic in an unrelated group
       • GitLab search allows to leak internal notes
       • Ambiguous branch name exploitation in GitLab
       • Improper permissions checks for moving an issue
       • Private project branches names can be leaked through a fork
     Solution(s): freebsd-upgrade-package-gitlab-ce
     References: CVE-2023-1071
  25. FreeBSD: VID-54006796-CF7B-11ED-A5D5-001B217B3468 (CVE-2022-3375): Gitlab -- Multiple Vulnerabilities
     Severity 4, CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N)
     Published 03/30/2023, Created 04/04/2023, Added 04/01/2023, Modified 01/28/2025
     Description: Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
     From VID-54006796-CF7B-11ED-A5D5-001B217B3468, Gitlab reports:
       • Cross-site scripting in "Maximum page reached" page
       • Private project guests can read new changes using a fork
       • Mirror repository error reveals password in Settings UI
       • DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint
       • Unauthenticated users can view Environment names from public projects limited to project members only
       • Copying information to the clipboard could lead to the execution of unexpected commands
       • Maintainer can leak masked webhook secrets by adding a new parameter to the webhook URL
       • Arbitrary HTML injection possible when :soft_email_confirmation feature flag is enabled in the latest release
       • Framing of arbitrary content (leading to open redirects) on any page allowing user controlled markdown
       • MR for security reports are available to everyone
       • API timeout when searching for group issues
       • Unauthorised user can add child epics linked to victim's epic in an unrelated group
       • GitLab search allows to leak internal notes
       • Ambiguous branch name exploitation in GitLab
       • Improper permissions checks for moving an issue
       • Private project branches names can be leaked through a fork
     Solution(s): freebsd-upgrade-package-gitlab-ce
     References: CVE-2022-3375