18 matches found
Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition
GitLab has fixed vulnerabilities in Community Edition (CE) and Enterprise Edition (EE) versions 18.6.4, 18.7.2, and 18.8.2. Malicious parties can exploit the vulnerabilities to cause a denial-of-service (DoS), or potentially gain access to sensitive data by bypassing security measures. GitLab has...
GitLab CE/EE security vulnerabilities
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.6.4, 18.7.2, and 18.8.2 containe...
GitLab security vulnerabilities
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD (Continuous Integration and Delivery). Vulnerabilities exist in versions of GitLab CE/EE before 18.6.4, 18.7.2...
CVE-2025-43511
CVE-2025-43511 is a use-after-free in processing maliciously crafted web content that Apple fixed by applying memory-management improvements. The vulnerability is fixed in Apple platforms with the following updates: watchOS 26.2, Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, iOS 18.7.2...
PT-2025-51007
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: A flaw exists in the processing of web content that could lead to a process crash. This issue is due to improper memory management, specifically a use-after-free conditio...
SUSE CVE-2025-43429
A buffer overflow was addressed with improved bounds checking. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43418
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information...
CVE-2025-43443
This issue was addressed with improved checks. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43454
This issue was addressed through improved state management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. A device may persistently fail to lock...
CVE-2025-43444
A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. An app may be able to fingerprint the user...
PT-2025-44884
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to learn information about the current camera view before being granted camera access...
PT-2025-44904
The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to monitor keystrokes without user permission...
PT-2025-44836
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: An issue existed where an application could potentially access sensitive user data. The problematic code has been removed to address this privacy concern. Recommendations...
PT-2025-44878
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: A permissions issue existed that allowed an application to potentially fingerprint a user. Additional restrictions were implemented to address this issue. Recommendations...
PT-2025-44877
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: Processing maliciously crafted web content may lead to an unexpected process crash. Recommendations: Update to iOS version 18.7.2. Update to iPadOS version 18.7.2...
PT-2025-44907
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: An application may be capable of accessing sensitive user data. The issue was resolved through the implementation of additional entitlement checks. Recommendations: Update...
PT-2025-44905
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.2; iPadOS versions prior to 18.7.2. Description: A flaw exists where remote content could be loaded despite the 'Load Remote Images' setting being disabled. This issue was resolved by implementing additional logic to...