ArchLinux: 202107-22: nextcloud: multiple issues

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The package nextcloud before version 21.0.3-1 is vulnerable to multiple issues including authentication bypass, privilege escalation, access restriction bypass, content spoofing, cross-site scripting, incorrect calculation, information disclosure and insufficient validation.

ArchLinux: 202107-18: gitlab: multiple issues

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The package gitlab before version 14.0.3-1 is vulnerable to multiple issues including cross-site request forgery, access restriction bypass, arbitrary code execution, arbitrary command execution, cross-site scripting, information disclosure, content spoofing and denial of service.