FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- vulnerabilities

Affected packages
17.11.0 <= gitlab-ce < 17.11.2
17.10.0 <= gitlab-ce < 17.10.6
12.0.0 <= gitlab-ce < 17.9.8
17.11.0 <= gitlab-ee < 17.11.2
17.10.0 <= gitlab-ee < 17.10.6
12.0.0 <= gitlab-ee < 17.9.8

Details

VuXML ID 6943cbf2-2d55-11f0-9471-2cf05da270f3
Discovery 2025-05-07
Entry 2025-05-10

GitLab reports:

Partial Bypass for Device OAuth flow using Cross Window Forgery

Denial of service by abusing GitHub import API

Group IP restriction bypass allows disclosing issue title of restricted project

References

CVE Name CVE-2024-8973
CVE Name CVE-2025-0549
CVE Name CVE-2025-1278
URL https://about.gitlab.com/releases/2025/05/07/patch-release-gitlab-17-11-2-released/
