vulnerability
Gitlab Gitlab: CVE-2025-5195: Authorization Bypass Through User-Controlled Key
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Jun 12, 2025 | Jun 13, 2025 | Jul 2, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Jun 12, 2025
Added
Jun 13, 2025
Modified
Jul 2, 2025
Description
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.
Solution
gitlab-gitlab-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.