Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's `CI_JOB_TOKEN` to obtain a GitLab session token belonging to the victim.

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs.

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

The Seraphinite Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.4.6. This makes it possible for unauthenticated attackers to inject arb…