FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
18.4.0 <= gitlab-ce < 18.4.2
18.3.0 <= gitlab-ce < 18.3.4
5.2.0 <= gitlab-ce < 18.2.8
18.4.0 <= gitlab-ee < 18.4.2
18.3.0 <= gitlab-ee < 18.3.4
5.2.0 <= gitlab-ee < 18.2.8

Details

VuXML ID 87fdaf3c-a5b5-11f0-98b5-2cf05da270f3
Discovery 2025-10-08
Entry 2025-10-10

Gitlab reports:

Incorrect authorization issue in GraphQL mutations impacts GitLab EE

Denial of Service issue in GraphQL blob type impacts GitLab CE/EE

Missing authorization issue in manual jobs impacts GitLab CE/EE

Denial of Service issue in webhook endpoints impacts GitLab CE/EE

[source]

References

CVE Name CVE-2025-10004
CVE Name CVE-2025-11340
CVE Name CVE-2025-2934
CVE Name CVE-2025-9825
URL https://about.gitlab.com/releases/2025/10/08/patch-release-gitlab-18-4-2-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.