FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
18.9.0 <= gitlab-ce < 18.9.1
18.8.0 <= gitlab-ce < 18.8.5
9.0.0 <= gitlab-ce < 18.7.5
18.9.0 <= gitlab-ee < 18.9.1
18.8.0 <= gitlab-ee < 18.8.5
9.0.0 <= gitlab-ee < 18.7.5

Details

VuXML ID 102a03c9-1316-11f1-93ca-2cf05da270f3
Discovery 2026-02-25
Entry 2026-02-26

Gitlab reports:

Cross-site Scripting issue in Mermaid sandbox impacts GitLab CE/EE

Denial of Service issue in container registry impacts GitLab CE/EE

Denial of Service issue in Jira events endpoint impacts GitLab CE/EE

Regular Expression Denial of Service issue in GitLab merge requests impacts GitLab CE/EE

Missing rate limit in Bitbucket Server importer impacts GitLab CE/EE

Denial of Service issue in CI trigger API impacts GitLab CE/EE

Denial of Service issue in token decoder impacts GitLab CE/EE

Improper Access Control issue in Conan package registry impacts GitLab EE

Access Control issue in CI job mutation impacts GitLab CE/EE

[source]

References

CVE Name CVE-2025-14103
CVE Name CVE-2025-14511
CVE Name CVE-2025-3525
CVE Name CVE-2026-0752
CVE Name CVE-2026-1388
CVE Name CVE-2026-1662
CVE Name CVE-2026-1725
CVE Name CVE-2026-1747
CVE Name CVE-2026-2845
URL https://about.gitlab.com/releases/2026/02/25/patch-release-gitlab-18-9-1-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.