Information disclosure

GitLab before 12.8.2 allows Information Disclosure. Badge images were not being proxied, causing mixed content warnings as well as leaking the IP address of the user...

Information disclosure

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance IRI. External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface e.g. fxp0 thus...