CNNVD-202508-1414 Information

CNNVD ID

CNNVD-202508-1414

Related CVE

CVE-2025-2498

• CNNVD Published: 2025-08-13

Description (Chinese)

GitLab Enterprise Edition（EE）是美国GitLab公司的一套内容管理系统。 GitLab Enterprise Edition 12.0至18.0.6之前版本、18.1至18.1.4之前版本和18.2至18.2.2之前版本存在安全漏洞，该漏洞源于访问控制不当，可能导致查看受限组问题。

Description (English)

GitLab Enterprise Edition (EE) is a content management system for GitLab in the United States. There is a security loophole in GitLab Enterprise Application, previous versions 12.0 to 18.0.6, 18.1 to 18.1.4 and 18.2 to 18.2.2, which stems from inadequate access controls and may lead to access to restricted groups.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

GitLab

Published

2025-08-13

Last Modified

2026-02-24

References

https://gitlab.com/gitlab-org/gitlab/-/issues/525515 https://hackerone.com/reports/3037722

Patch

https://about.gitlab.com/