PT-2025-48181 · Gitlab · Gitlab Ce/Ee

Published

2025-11-26

Updated

2025-12-02

CVE-2025-13611

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.2 through 18.4.5 GitLab CE/EE versions 18.5 through 18.5.3 GitLab CE/EE versions 18.6 through 18.6.1

Description An authenticated user with access to certain logs could potentially obtain sensitive tokens under specific conditions.

Recommendations Update GitLab CE/EE to a version after 18.4.5. Update GitLab CE/EE to a version after 18.5.3. Update GitLab CE/EE to a version after 18.6.1.

Exploit

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

BDU:2026-00972

BIT-GITLAB-2025-13611

CVE-2025-13611

Affected Products

Gitlab Ce/Ee

PT-2025-48181 · Gitlab · Gitlab Ce/Ee

CVE-2025-13611

Weakness Enumeration

Related Identifiers

Affected Products

References · 12