GitLab’s monthly security update fixes small cloud of woes

Source:- GitLab has released its scheduled monthly security updates versions 13.5.2, 13.4.5, and 13.3.9 for GitLab Community Edition (CE) and Enterprise Edition (EE). These contain multiple security fixes for many GitLab components, most reported by users through GitLab’s HackerOne bug bounty system. Among the security issues identified and fixed are a couple of path traversal vulnerabilities uncovered by users. These security flaws let attackers create malformed paths and save packages in arbitrary locations on the server file system. GitLab’s own

Read more