Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-8770

Опубликовано: 13 авг. 2025
Источник: debian

Описание

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

Связанные уязвимости

ubuntu логотип

CVE-2025-8770

CVSS3: 6.5
ubuntu
2 месяца назад

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.

nvd логотип

CVE-2025-8770

CVSS3: 6.5
nvd
2 месяца назад

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.

github логотип

GHSA-gxh9-4vgj-w44j

CVSS3: 6.5
github
2 месяца назад

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.

fstec логотип

BDU:2025-10982

CVSS3: 6.5
fstec
2 месяца назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab EE/CE, связанная с обходом авторизации посредством ключа, контролируемого пользователем, позволяющая нарушителю получить несанкционированный доступ к данным пользователя