FreeBSD: VID-5d5e5cda-38e6-11eb-bbbf-001b217b3468 (CVE-2020-26407): Gitlab -- Multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Dec 7, 2020 | Dec 8, 2020 | Dec 10, 2025 |
Description
Gitlab reports:

- XSS in Zoom Meeting URL
- Limited Information Disclosure in Private Profile
- User email exposed via GraphQL endpoint
- Group and project membership potentially exposed via GraphQL
- Search terms logged in search parameter in rails logs
- Un-authorised access to feature flag user list
- A specific query on the explore page causes statement timeouts
- Exposure of starred projects on private user profiles
- Uncontrolled Resource Consumption in any Markdown field using Mermaid
- Former group members able to view updates to confidential epics
- Update GraphicsMagick dependency
- Update GnuPG dependency
- Update libxml dependency
Solution
freebsd-upgrade-package-gitlab-ce