FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
18.2.0 <= gitlab-ce < 18.2.2
18.1.0 <= gitlab-ce < 18.1.4
8.14.0 <= gitlab-ce < 18.0.6
18.2.0 <= gitlab-ee < 18.2.2
18.1.0 <= gitlab-ee < 18.1.4
8.14.0 <= gitlab-ee < 18.0.6

Details

VuXML ID 7bfe6f39-78be-11f0-9d03-2cf05da270f3
Discovery 2025-08-13
Entry 2025-08-14

Gitlab reports:

Cross-site scripting issue in blob viewer impacts GitLab CE/EE

Cross-site scripting issue in labels impacts GitLab CE/EE

Cross-site scripting issue in Workitem impacts GitLab CE/EE

Improper Handling of Permissions issue in project API impacts GitLab CE/EE

Incorrect Privilege Assignment issue in delete issues operation impacts GitLab CE/EE

Allocation of Resources Without Limits issue in release name creation impacts GitLab CE/EE

Incorrect Authorization issue in jobs API impacts GitLab CE/EE

Authorization issue in Merge request approval policy impacts GitLab EE

Inefficient Regular Expression Complexity issue in wiki impacts GitLab CE/EE

Allocation of Resources Without Limits issue in Mattermost integration impacts GitLab CE/EE

Incorrect Permission Assignment issue in ID token impacts GitLab CE/EE

Insufficient Access Control issue in IP Restriction impacts GitLab EE

References

CVE Name CVE-2024-10219
CVE Name CVE-2024-12303
CVE Name CVE-2025-1477
CVE Name CVE-2025-2498
CVE Name CVE-2025-2614
CVE Name CVE-2025-2937
CVE Name CVE-2025-5819
CVE Name CVE-2025-6186
CVE Name CVE-2025-7734
CVE Name CVE-2025-7739
CVE Name CVE-2025-8094
CVE Name CVE-2025-8770
URL https://about.gitlab.com/releases/2025/08/13/patch-release-gitlab-18-2-2-released/