FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Vulnerabilities

Affected packages
18.0.0 <= gitlab-ce < 18.0.2
17.11.0 <= gitlab-ce < 17.11.4
2.1.0 <= gitlab-ce < 17.10.8
18.0.0 <= gitlab-ee < 18.0.2
17.11.0 <= gitlab-ee < 17.11.4
2.1.0 <= gitlab-ee < 17.10.8

Details

VuXML ID ae028662-475e-11f0-9ca4-2cf05da270f3
Discovery 2025-06-11
Entry 2025-06-12

Gitlab reports:

HTML injection impacts GitLab CE/EE

Cross-site scripting issue impacts GitLab CE/EE

Missing authorization issue impacts GitLab Ultimate EE

Denial of Service impacts GitLab CE/EE

Denial of Service via unbounded Webhook token names impacts GitLab CE/EE

Denial of Service via unbounded Board Names impacts GitLab CE/EE

Information disclosure issue impacts GitLab CE/EE

Denial of Service (DoS) via uncontrolled HTTP Response Processing impacts GitLab CE/EE

Information disclosure via authorization bypass impacts GitLab CE/EE

Sensitive information disclosure via Group IP restriction bypass

[source]

References

CVE Name CVE-2024-9512
CVE Name CVE-2025-0673
CVE Name CVE-2025-1478
CVE Name CVE-2025-1516
CVE Name CVE-2025-2254
CVE Name CVE-2025-4278
CVE Name CVE-2025-5121
CVE Name CVE-2025-5195
CVE Name CVE-2025-5982
CVE Name CVE-2025-5996
URL https://about.gitlab.com/releases/2025/06/11/patch-release-gitlab-18-0-2-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.