FreeBSD: VID-a435609c-ffd5-11ef-b4e4-2cf05da270f3 (CVE-2025-1257): Gitlab -- Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Mar 13, 2025 | Mar 15, 2025 | Dec 10, 2025 |
Description
Gitlab reports:

- CVE-2025-25291 and CVE-2025-25292 (third party gem ruby-saml)
- CVE-2025-27407 (third party gem graphql)
- Denial of Service Due to Inefficient Processing of Untrusted Input
- Credentials disclosed when repository mirroring fails
- Denial of Service Vulnerability in GitLab Approval Rules due to Unbounded Field
- Internal Notes in Merge Requests Are Emailed to Non-Members Upon Review Submission
- Maintainer can inject shell code in Google integrations
- Guest with custom Admin group member permissions can approve the users invitation despite user caps
Solutions
- freebsd-upgrade-package-gitlab-ce
- freebsd-upgrade-package-gitlab-ee