CNNVD-202511-2841 Information
CNNVD ID
CNNVD-202511-2841
Related CVE
- CNNVD Published: 2025-11-26
Description (Chinese)
GitLab Enterprise Edition(EE)是美国GitLab公司的一套内容管理系统。 GitLab EE 13.7版本至18.4.5之前版本、18.5版本至18.5.3之前版本和18.6版本至18.6.1之前版本存在安全漏洞,该漏洞源于特定配置条件下已验证用户可查看安全报告信息。
Description (English)
GitLab Enterprise Edition (EE) is a content management system for GitLab in the United States. There is a security loophole between GitLab EE 13.7 and 18.4.5, between 18.5 and 18.5.3 and between 18.6 and 18.6.1, which is derived from the fact that certified users can view the security report information under specific configuration conditions.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GitLab
Published
2025-11-26
Last Modified
2026-02-24
References
https://gitlab.com/gitlab-org/gitlab/-/issues/549937 https://hackerone.com/reports/3155693 https://vigilance.fr/vulnerability/GitLab-CE-EE-multiple-vulnerabilities-dated-26-11-2025-48877 https://access.redhat.com/security/cve/cve-2025-6195
Patch
https://packages.gitlab.com/gitlab/gitlab-ee
Share on: