CNNVD-202507-1481 Information

CNNVD ID

CNNVD-202507-1481

Related CVE

CVE-2025-6168

• CNNVD Published: 2025-07-10

Description (Chinese)

GitLab Enterprise Edition（EE）是美国GitLab公司的一套内容管理系统。 GitLab Enterprise Edition 18.0至18.0.4之前版本和18.1至18.1.2之前版本存在安全漏洞，该漏洞源于认证维护者可能绕过组级别用户邀请限制。

Description (English)

GitLab Enterprise Edition (EE) is a content management system for GitLab in the United States. There is a security gap between GitLab Enterprise Application 18.0 to 18.0.4, and between 18.1 to 18.1.2, which stems from the possibility of the authentication maintainer circumventing group-level user invitation restrictions.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

GitLab

Published

2025-07-10

Last Modified

2026-02-24

References

https://gitlab.com/gitlab-org/gitlab/-/issues/549725 https://hackerone.com/reports/3196745 https://vigilance.fr/vulnerability/GitLab-CE-EE-multiple-vulnerabilities-dated-09-07-2025-47672 https://nvd.nist.gov/vuln/detail/CVE-2025-6168

Patch

https://about.gitlab.com/