FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
18.5.0 <= gitlab-ce < 18.5.1
18.4.0 <= gitlab-ce < 18.4.3
10.6.0 <= gitlab-ce < 18.3.5
18.5.0 <= gitlab-ee < 18.5.1
18.4.0 <= gitlab-ee < 18.4.3
10.6.0 <= gitlab-ee < 18.3.5

Details

VuXML ID f741ea93-af61-11f0-98b5-2cf05da270f3
Discovery 2025-10-22
Entry 2025-10-22

Gitlab reports:

Improper access control issue in runner API impacts GitLab EE

Denial of service issue in event collection impacts GitLab CE/EE

Denial of service issue in JSON validation impacts GitLab CE/EE

Denial of service issue in upload impacts GitLab CE/EE

Incorrect Authorization issue in pipeline builds impacts GitLab CE

Business logic error issue in group memberships impacts GitLab EE

Missing authorization issue in quick actions impacts GitLab EE

[source]

References

CVE Name CVE-2025-10497
CVE Name CVE-2025-11447
CVE Name CVE-2025-11702
CVE Name CVE-2025-11971
CVE Name CVE-2025-11974
CVE Name CVE-2025-11989
CVE Name CVE-2025-6601
URL https://about.gitlab.com/releases/2025/10/22/patch-release-gitlab-18-5-1-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.