FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Vulnerabilities

Affected packages
18.3.0 <= gitlab-ce < 18.3.2
18.2.0 <= gitlab-ce < 18.2.6
7.8.0 <= gitlab-ce < 18.1.6
18.3.0 <= gitlab-ee < 18.3.2
18.2.0 <= gitlab-ee < 18.2.6
7.8.0 <= gitlab-ee < 18.1.6

Details

VuXML ID 602fc0fa-8ece-11f0-9d03-2cf05da270f3
Discovery 2025-09-10
Entry 2025-09-11

Gitlab reports:

Denial of Service issue in SAML Responses impacts GitLab CE/EE

Server-Side Request Forgery issue in Webhook custom header impacts GitLab CE/EE

Denial of Service issue in User-Controllable Fields impacts GitLab CE/EE

Denial of Service issue in endpoint file upload impacts GitLab CE/EE

Denial of Service issue in token listing operations impacts GitLab CE/EE

Information disclosure issue in runner endpoints impacts GitLab CE/EE

[source]

References

CVE Name CVE-2025-10094
CVE Name CVE-2025-1250
CVE Name CVE-2025-2256
CVE Name CVE-2025-6454
CVE Name CVE-2025-6769
CVE Name CVE-2025-7337
URL https://about.gitlab.com/releases/2025/09/10/patch-release-gitlab-18-3-2-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.