The remote Debian host is missing a security-related update.
Several vulnerabilities have been discovered in Gitlab, a software platform to collaborate on code : - CVE-2017-0915/ CVE-2018-3710 Arbitrary code execution in project import. - CVE-2017-0916 Command injection via Webhooks. - CVE-2017-0917 Cross-site scripting in CI job output. - CVE-2017-0918 Insufficient restriction of CI runner for project cache access. - CVE-2017-0925 Information disclosure in Services API. - CVE-2017-0926 Restrictions for disabled OAuth providers could be bypassed.
Upgrade the gitlab packages. For the stable distribution (stretch), these problems have been fixed in version 8.13.11+dfsg1-8+deb9u1.