FreeBSD: VID-4c26f668-0fd2-11ed-a83d-001b217b3468 (CVE-2022-2500): Gitlab -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:H/Au:S/C:P/I:P/A:N) | Jul 30, 2022 | Nov 4, 2022 | Dec 10, 2025 |
Description
Gitlab reports:

- Revoke access to confidential notes todos
- Pipeline subscriptions trigger new pipelines with the wrong author
- Ability to gain access to private project through an email invite by using other user's email address as an unverified secondary email
- Import via git protocol allows to bypass checks on repository
- Unauthenticated IP allowlist bypass when accessing job artifacts through GitLab Pages
- Maintainer can leak Packagist and other integration access tokens by changing integration URL
- Unauthenticated access to victims Grafana datasources through path traversal
- Unauthorized users can filter issues by contact and organization
- Malicious Maintainer may change the visibility of project or a group
- Stored XSS in job error messages
- Enforced group MFA can be bypassed when using Resource Owner Password Credentials grant
- Non project members can view public project's Deploy Keys
- IDOR in project with Jira integration leaks project owner's other projects Jira issues
- Group Bot Users and Tokens not deleted after group deletion
- Email invited members can join projects even after the member lock has been enabled
- Datadog integration returns user emails
Solution
freebsd-upgrade-package-gitlab-ce