CNNVD-202506-3287 Information

CNNVD ID

CNNVD-202506-3287

Related CVE

CVE-2025-5846

• CNNVD Published: 2025-06-26

Description (Chinese)

GitLab Enterprise Edition（EE）是美国GitLab公司的一套内容管理系统。 GitLab Enterprise Edition 17.11.5之前版本、18.0.3之前版本和18.1.1之前版本存在安全漏洞，该漏洞源于绕过权限检查，可能导致未经授权的合规框架分配。

Description (English)

GitLab Enterprise Edition (EE) is a content management system for GitLab in the United States. There is a security loophole in previous versions of Gitlab Enterprise 17.11.5, 18.0.3 and 18.1.1, which stems from the circumvention of authority checks and may lead to unauthorized compliance framework allocations.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

GitLab

Published

2025-06-26

Last Modified

2026-02-24

References

https://gitlab.com/gitlab-org/gitlab/-/issues/546435 https://vigilance.fr/vulnerability/GitLab-CE-EE-five-vulnerabilities-dated-25-06-2025-47530

Patch

https://packages.gitlab.com/gitlab/gitlab-ee