FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Vulnerabilities

Affected packages
17.7.0 <= gitlab-ce < 17.7.1
17.6.0 <= gitlab-ce < 17.6.3
11.0.0 <= gitlab-ce < 17.5.5
17.7.0 <= gitlab-ee < 17.7.1
17.6.0 <= gitlab-ee < 17.6.3
11.0.0 <= gitlab-ee < 17.5.5

Details

VuXML ID 2bfde261-cdf2-11ef-b6b2-2cf05da270f3
Discovery 2025-01-08
Entry 2025-01-08

GitLab reports:

Possible access token exposure in GitLab logs

Cyclic reference of epics leads to resource exhaustion

Unauthorized user can manipulate status of issues in public projects

Instance SAML does not respect external_provider configuration

References

CVE Name CVE-2024-12431
CVE Name CVE-2024-13041
CVE Name CVE-2024-6324
CVE Name CVE-2025-0194
URL https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/