CNNVD-202601-1668 Information
CNNVD ID
CNNVD-202601-1668
Related CVE
- CNNVD Published: 2026-01-09
Description (Chinese)
GitLab Enterprise Edition(EE)是美国GitLab公司的一套内容管理系统。 GitLab Enterprise Edition(EE) 18.5.5之前版本、18.6.3之前版本和18.7.1之前版本存在安全漏洞,该漏洞源于API请求中操作命名空间标识符,可能导致未经授权访问和使用AI模型设置。
Description (English)
GitLab Enterprise Edition (EE) is a content management system for GitLab in the United States. There is a security loophole in GitLab Enterprise Edition (EE) 18.5.5, 18.6.3 and 18.7.1, which stems from the operation of the name space identifier in the API request, which may lead to unauthorized access to and use of AI model settings.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GitLab
Published
2026-01-09
Last Modified
2026-02-24
References
https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/ https://gitlab.com/gitlab-org/gitlab/-/issues/581268
Patch
https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/
Share on: