FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Vulnerabilities

Affected packages
17.8.0 <= gitlab-ce < 17.8.1
17.7.0 <= gitlab-ce < 17.7.3
15.7.0 <= gitlab-ce < 17.6.4
17.8.0 <= gitlab-ee < 17.8.1
17.7.0 <= gitlab-ee < 17.7.3
15.7.0 <= gitlab-ee < 17.6.4

Details

VuXML ID 24c93a28-d95b-11ef-b6b2-2cf05da270f3
Discovery 2025-01-22
Entry 2025-01-23

GitLab reports:

Stored XSS via Asciidoctor render

Developer could exfiltrate protected CI/CD variables via CI lint

Cyclic reference of epics leads to resource exhaustion

References

CVE Name CVE-2024-11931
CVE Name CVE-2024-6324
CVE Name CVE-2025-0314
URL https://about.gitlab.com/releases/2025/01/22/patch-release-gitlab-17-8-1-released/