PT-2025-13455 · GitLab · GitLab CE/EE
Published: 2025-03-26 · Updated: 2025-08-13 · CVE-2024-12619
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:P/A:N
Name of the Vulnerable Software and Affected Versions
GitLab CE/EE versions 16.0 through 17.8.5
GitLab CE/EE versions 17.9 through 17.9.2
GitLab CE/EE versions 17.10 through 17.10.0
Description
An issue has been discovered in GitLab CE/EE, allowing internal users to gain unauthorized access to internal projects.
Recommendations
For GitLab CE/EE versions 16.0 through 17.8.5, update to version 17.8.6 or later.
For GitLab CE/EE versions 17.9 through 17.9.2, update to version 17.9.3 or later.
For GitLab CE/EE versions 17.10 through 17.10.0, update to version 17.10.1 or later.
Affected Products
GitLab CE/EE