10 matches found
EUVD-2025-24603
Malicious code in bioql PyPI...
BIT-GITLAB-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
GitLab 18.0 < 18.0.6 / 18.1 < 18.1.4 / 18.2 < 18.2.2 (CVE-2025-8770)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific...
CVE-2025-8770
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
CVE-2025-8770
CVE-2025-8770 describes a vulnerability in GitLab EE where authenticated users with specific access could bypass merge request approval policies by manipulating approval rule identifiers. Affected versions are GitLab EE 18.0 up to before 18.0.6, 18.1 up to before 18.1.4, and 18.2 up to before 18....
CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...
CVE-2025-8770
Removed by vendor...
PT-2025-33058 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab EE versions prior to 18.0.6 GitLab EE versions prior to 18.1.4 GitLab EE versions prior to 18.2.2 Description: An issue exists in GitLab EE that allows authenticated users with specific access to bypass merge request approval policies ...