CNNVD-202507-3061 Information
CNNVD ID
CNNVD-202507-3061
Related CVE
- CNNVD Published: 2025-07-24
Description (Chinese)
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE)都是美国GitLab公司的产品。GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是一种社区版 GitLab 。 GitLab CE和EE 15.0至18.0.5之前版本、18.1至18.1.3之前版本和18.2至18.2.1之前版本存在安全漏洞,该漏洞源于特权用户可能通过API访问本应不可用的资源组信息。
Description (English)
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are products of the United States company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There is a security gap between Gitlab CE and EE 15.0-18.0.5, 18.1-18.1.3 and 18.2-18.2.1, which stems from the possibility that privileged users may access information on resource groups that would otherwise not be available through API.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GitLab
Published
2025-07-24
Last Modified
2026-02-24
References
https://gitlab.com/gitlab-org/gitlab/-/issues/553163 https://hackerone.com/reports/3223993
Patch
https://packages.gitlab.com/gitlab/gitlab-ee
Share on: