FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Vulnerabilities

Affected packages
17.9.0 <= gitlab-ce < 17.9.1
17.8.0 <= gitlab-ce < 17.8.4
15.10.0 <= gitlab-ce < 17.7.6
17.9.0 <= gitlab-ee < 17.9.1
17.8.0 <= gitlab-ee < 17.8.4
15.10.0 <= gitlab-ee < 17.7.6

Details

VuXML ID 8fb9101e-f58a-11ef-b4e4-2cf05da270f3
Discovery 2025-02-26
Entry 2025-02-28

GitLab reports:

XSS in k8s proxy endpoint

XSS Maven Dependency Proxy

HTML injection leads to XSS on self hosted instances

Improper Authorisation Check Allows Guest User to Read Security Policy

Planner role can read code review analytics in private projects

References

CVE Name CVE-2024-10925
CVE Name CVE-2024-8186
CVE Name CVE-2025-0307
CVE Name CVE-2025-0475
CVE Name CVE-2025-0555
URL https://about.gitlab.com/releases/2025/02/26/patch-release-gitlab-17-9-1-released/