FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Vulnerabilities

Affected packages
19.1.0 <= gitlab-ce < 19.1.1
19.0.0 <= gitlab-ce < 19.0.3
8.3.0 <= gitlab-ce < 18.11.6
19.1.0 <= gitlab-ee < 19.1.1
19.0.0 <= gitlab-ee < 19.0.3
8.3.0 <= gitlab-ee < 18.11.6

Details

VuXML ID ee1e7aef-7117-11f1-873f-2cf05da270f3
Discovery 2026-06-24
Entry 2026-06-26

Gitlab reports:

Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE

Cross-site Scripting issue in Web IDE workbench asset handler impacts GitLab CE/EE

Information Disclosure issue in Duo Workflows impacts GitLab EE

Authorization Bypass issue in Virtual Registry Cleanup Policy API impacts GitLab EE

Improper Authorization issue in Rapid Diffs impacts GitLab CE/EE

Incorrect Authorization issue in DAST scanner and site profile management impacts GitLab EE

Insufficient Filtering issue in CI/CD API impacts GitLab CE/EE

Improper Input Validation issue in Snippets impacts GitLab CE/EE

Incorrect Authorization issue in Maven Package Registry impacts GitLab CE/EE

Improper Access Control issue in group packages API impacts GitLab CE/EE

Improper Access Control issue in Protected Environments API impacts GitLab EE

Missing Authorization issue in Security Dashboard impacts GitLab EE

Server-Side Request Forgery issue in Repository Mirroring impacts GitLab CE/EE

References

CVE Name CVE-2026-0934
CVE Name CVE-2026-10086
CVE Name CVE-2026-10712
CVE Name CVE-2026-11379
CVE Name CVE-2026-12053
CVE Name CVE-2026-12635
CVE Name CVE-2026-1606
CVE Name CVE-2026-2238
CVE Name CVE-2026-3176
CVE Name CVE-2026-5309
CVE Name CVE-2026-5796
CVE Name CVE-2026-5952
CVE Name CVE-2026-8330
URL https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/