GitLab: Container escape on public GitLab CI runners

Summary It is possible to circumvent the isolation in place for build jobs running on public CI runners by escaping the docker container running the build job. This is possible via abuse of the cgroup releaseagent functionality, made possible by CI jobs being allowed to mount filesystems inside t...

Gitlab -- multiple vulnerabilities

Gitlab reports: SSRF GCP access token disclosure Persistent XSS on issue details Diff formatter DoS in Sidekiq jobs Confidential information disclosure in events API endpoint validatelocalhost function in urlblocker.rb could be bypassed Slack integration CSRF Oauth2 GRPC::Unknown logging token...