AVG-1822 log
| Package | gitlab |
| Status | Fixed |
| Severity | Critical |
| Type | multiple issues |
| Affected | 13.10.2-1 |
| Fixed | 13.10.3-1 |
| Current | 18.5.0-1 [extra] |
| Ticket | None |
| Created | Wed Apr 14 13:58:40 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-28965 | Critical | Yes | Incorrect calculation | When parsing and serializing a crafted XML document, the REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is... |
| CVE-2021-22205 | Critical | Yes | Arbitrary code execution | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that is passed to a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 29 Apr 2021 | ASA-202104-1 | gitlab | multiple issues |
| References |
|---|
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/ |