gitlab-gitaly

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Speed up Git access using caching
Version 14.1.0-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-1905 14.1.0-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-31799 AVG-1905 Medium Yes Arbitrary command execution
RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2223 14.0.4-1 14.1.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-22904 AVG-2223 Low Yes Denial of service
There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions 6.1.3.2, 6.0.3.7, 5.2.4.6...
CVE-2021-22902 AVG-2223 Low Yes Denial of service
There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before 6.0.3.7 and 6.1.0.2. Carefully crafted Accept headers can...
CVE-2021-22885 AVG-2223 Medium Yes Information disclosure
There is a possible information disclosure/unintended method execution vulnerability in Action Pack before versions 6.1.3.2, 6.0.3.7, 5.2.4.6 and 5.2.6 when...