FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-27 12:33:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a435609c-ffd5-11ef-b4e4-2cf05da270f3Gitlab -- Vulnerabilities

Gitlab reports:

CVE-2025-25291 and CVE-2025-25292 (third party gem ruby-saml)

CVE-2025-27407 (third party gem graphql)

Denial of Service Due to Inefficient Processing of Untrusted Input

Credentials disclosed when repository mirroring fails

Denial of Service Vulnerability in GitLab Approval Rules due to Unbounded Field

Internal Notes in Merge Requests Are Emailed to Non-Members Upon Review Submission

Maintainer can inject shell code in Google integrations

Guest with custom Admin group member permissions can approve the users invitation despite user caps


Discovery 2025-03-12
Entry 2025-03-13
gitlab-ce
gitlab-ee
>= 17.9.0 lt 17.9.2

>= 17.8.0 lt 17.8.5

>= 11.5 lt 17.7.7

CVE-2025-25291
CVE-2025-25292
CVE-2025-27407
CVE-2024-13054
CVE-2024-12380
CVE-2025-1257
CVE-2025-0652
CVE-2024-8402
CVE-2024-7296
https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/