Vulnerability-Lookup

CVE-2025-13781 (GCVE-0-2025-13781)

Vulnerability from cvelistv5 – Published: 2026-01-09 10:03 – Updated: 2026-01-09 19:14

Title

Missing Authorization in GitLab

Summary

GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-862 - Missing Authorization

Assigner

GitLab

References

3 references

URL	Tags
https://gitlab.com/gitlab-org/gitlab/-/issues/578756	issue-trackingpermissions-required
https://hackerone.com/reports/3400940	technical-descriptionexploitpermissions-required
https://about.gitlab.com/releases/2026/01/07/patc…

Impacted products

1 product

Vendor	Product	Version
GitLab	GitLab	Affected: 18.5 , < 18.5.5 (semver) Affected: 18.6 , < 18.6.3 (semver) Affected: 18.7 , < 18.7.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

Thanks [pwnie](https://hackerone.com/pwnie) for reporting this vulnerability through our HackerOne bug bounty program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13781",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-09T19:12:40.834326Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-09T19:14:05.513Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "18.5.5",
              "status": "affected",
              "version": "18.5",
              "versionType": "semver"
            },
            {
              "lessThan": "18.6.3",
              "status": "affected",
              "version": "18.6",
              "versionType": "semver"
            },
            {
              "lessThan": "18.7.1",
              "status": "affected",
              "version": "18.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks [pwnie](https://hackerone.com/pwnie) for reporting this vulnerability through our HackerOne bug bounty program"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862: Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-09T10:03:51.554Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "name": "GitLab Issue #578756",
          "tags": [
            "issue-tracking",
            "permissions-required"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/578756"
        },
        {
          "name": "HackerOne Bug Bounty Report #3400940",
          "tags": [
            "technical-description",
            "exploit",
            "permissions-required"
          ],
          "url": "https://hackerone.com/reports/3400940"
        },
        {
          "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 18.5.5, 18.6.3, 18.7.1 or above."
        }
      ],
      "title": "Missing Authorization in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2025-13781",
    "datePublished": "2026-01-09T10:03:51.554Z",
    "dateReserved": "2025-11-28T20:33:22.260Z",
    "dateUpdated": "2026-01-09T19:14:05.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-13781",
      "date": "2026-06-28",
      "epss": "0.00406",
      "percentile": "0.32472"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-13781\",\"sourceIdentifier\":\"cve@gitlab.com\",\"published\":\"2026-01-09T10:15:45.613\",\"lastModified\":\"2026-06-17T08:34:44.610\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations.\"},{\"lang\":\"es\",\"value\":\"GitLab ha remediado un problema en GitLab EE que afecta a todas las versiones desde la 18.5 antes de la 18.5.5, la 18.6 antes de la 18.6.3, y la 18.7 antes de la 18.7.1 que podr\u00eda haber permitido a un usuario autenticado modificar la configuraci\u00f3n del proveedor de caracter\u00edsticas de IA a nivel de instancia explotando la falta de comprobaciones de autorizaci\u00f3n en las mutaciones de GraphQL.\"}],\"affected\":[{\"source\":\"cve@gitlab.com\",\"affectedData\":[{\"vendor\":\"GitLab\",\"product\":\"GitLab\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*\"],\"repo\":\"git://git@gitlab.com:gitlab-org/gitlab.git\",\"versions\":[{\"version\":\"18.5\",\"lessThan\":\"18.5.5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"18.6\",\"lessThan\":\"18.6.3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"18.7\",\"lessThan\":\"18.7.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@gitlab.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-09T19:12:40.834326Z\",\"id\":\"CVE-2025-13781\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cve@gitlab.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"18.5.0\",\"versionEndExcluding\":\"18.5.5\",\"matchCriteriaId\":\"722A4635-08B2-4A53-903A-E9D2A670B5FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"18.6.0\",\"versionEndExcluding\":\"18.6.3\",\"matchCriteriaId\":\"75013646-70F2-467E-B79E-9301338AB853\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:18.7.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"9B955F55-086B-4EDF-A9E6-5B9E68600494\"}]}]}],\"references\":[{\"url\":\"https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/\",\"source\":\"cve@gitlab.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab/-/issues/578756\",\"source\":\"cve@gitlab.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://hackerone.com/reports/3400940\",\"source\":\"cve@gitlab.com\",\"tags\":[\"Permissions Required\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-13781\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-09T19:12:40.834326Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-09T19:14:02.569Z\"}}], \"cna\": {\"title\": \"Missing Authorization in GitLab\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Thanks [pwnie](https://hackerone.com/pwnie) for reporting this vulnerability through our HackerOne bug bounty program\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*\"], \"repo\": \"git://git@gitlab.com:gitlab-org/gitlab.git\", \"vendor\": \"GitLab\", \"product\": \"GitLab\", \"versions\": [{\"status\": \"affected\", \"version\": \"18.5\", \"lessThan\": \"18.5.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"18.6\", \"lessThan\": \"18.6.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"18.7\", \"lessThan\": \"18.7.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Upgrade to versions 18.5.5, 18.6.3, 18.7.1 or above.\"}], \"references\": [{\"url\": \"https://gitlab.com/gitlab-org/gitlab/-/issues/578756\", \"name\": \"GitLab Issue #578756\", \"tags\": [\"issue-tracking\", \"permissions-required\"]}, {\"url\": \"https://hackerone.com/reports/3400940\", \"name\": \"HackerOne Bug Bounty Report #3400940\", \"tags\": [\"technical-description\", \"exploit\", \"permissions-required\"]}, {\"url\": \"https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862: Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"shortName\": \"GitLab\", \"dateUpdated\": \"2026-01-09T10:03:51.554Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-13781\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-09T19:14:05.513Z\", \"dateReserved\": \"2025-11-28T20:33:22.260Z\", \"assignerOrgId\": \"ceab7361-8a18-47b1-92ba-4d7d25f6715a\", \"datePublished\": \"2026-01-09T10:03:51.554Z\", \"assignerShortName\": \"GitLab\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0014

Vulnerability from certfr_avis - Published: 2026-01-08 - Updated: 2026-01-08

De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions antérieures à 18.5.5
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions 18.6.x antérieures à 18.6.3
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions 18.7.x antérieures à 18.7.1

References

Title

Publication Time

CERTFR-2026-AVI-0014

Vulnerability from certfr_avis - Published: 2026-01-08 - Updated: 2026-01-08

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions antérieures à 18.5.5
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions 18.6.x antérieures à 18.6.3
GitLab	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)	GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) versions 18.7.x antérieures à 18.7.1

References

Title

Publication Time

bit-gitlab-2025-13781

Vulnerability from bitnami_vulndb

Published

2026-01-13 09:07

Modified

2026-01-13 09:11

Summary

Missing Authorization in GitLab

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "gitlab",
        "purl": "pkg:bitnami/gitlab"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "18.5.0"
            },
            {
              "fixed": "18.5.5"
            },
            {
              "introduced": "18.6.0"
            },
            {
              "fixed": "18.6.3"
            },
            {
              "introduced": "18.7.0"
            },
            {
              "fixed": "18.7.1"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-13781"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
    ],
    "severity": "Medium"
  },
  "details": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations.",
  "id": "BIT-gitlab-2025-13781",
  "modified": "2026-01-13T09:11:00.781Z",
  "published": "2026-01-13T09:07:23.273Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/578756"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3400940"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13781"
    }
  ],
  "schema_version": "1.6.2",
  "summary": "Missing Authorization in GitLab"
}

FKIE_CVE-2025-13781

Vulnerability from fkie_nvd - Published: 2026-01-09 10:15 - Updated: 2026-06-17 08:34

Severity

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
cve@gitlab.com	https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/	Release Notes, Vendor Advisory
cve@gitlab.com	https://gitlab.com/gitlab-org/gitlab/-/issues/578756	Broken Link
cve@gitlab.com	https://hackerone.com/reports/3400940	Permissions Required

Impacted products

Vendor	Product	Version
gitlab	gitlab	*
gitlab	gitlab	*
gitlab	gitlab	18.7.0

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "18.5.5",
              "status": "affected",
              "version": "18.5",
              "versionType": "semver"
            },
            {
              "lessThan": "18.6.3",
              "status": "affected",
              "version": "18.6",
              "versionType": "semver"
            },
            {
              "lessThan": "18.7.1",
              "status": "affected",
              "version": "18.7",
              "versionType": "semver"
            }
          ]
        }
      ],
      "source": "cve@gitlab.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "722A4635-08B2-4A53-903A-E9D2A670B5FB",
              "versionEndExcluding": "18.5.5",
              "versionStartIncluding": "18.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "75013646-70F2-467E-B79E-9301338AB853",
              "versionEndExcluding": "18.6.3",
              "versionStartIncluding": "18.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gitlab:gitlab:18.7.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "9B955F55-086B-4EDF-A9E6-5B9E68600494",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations."
    },
    {
      "lang": "es",
      "value": "GitLab ha remediado un problema en GitLab EE que afecta a todas las versiones desde la 18.5 antes de la 18.5.5, la 18.6 antes de la 18.6.3, y la 18.7 antes de la 18.7.1 que podr\u00eda haber permitido a un usuario autenticado modificar la configuraci\u00f3n del proveedor de caracter\u00edsticas de IA a nivel de instancia explotando la falta de comprobaciones de autorizaci\u00f3n en las mutaciones de GraphQL."
    }
  ],
  "id": "CVE-2025-13781",
  "lastModified": "2026-06-17T08:34:44.610",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "cve@gitlab.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2025-13781",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-01-09T19:12:40.834326Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-01-09T10:15:45.613",
  "references": [
    {
      "source": "cve@gitlab.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
    },
    {
      "source": "cve@gitlab.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/578756"
    },
    {
      "source": "cve@gitlab.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "https://hackerone.com/reports/3400940"
    }
  ],
  "sourceIdentifier": "cve@gitlab.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "cve@gitlab.com",
      "type": "Secondary"
    }
  ]
}

GHSA-P7GW-XWGF-7W7C

Vulnerability from github – Published: 2026-01-09 12:32 – Updated: 2026-01-09 12:32

Details

Severity

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-13781"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-09T10:15:45Z",
    "severity": "MODERATE"
  },
  "details": "GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to modify instance-wide AI feature provider settings by exploiting missing authorization checks in GraphQL mutations.",
  "id": "GHSA-p7gw-xwgf-7w7c",
  "modified": "2026-01-09T12:32:24Z",
  "published": "2026-01-09T12:32:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13781"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/3400940"
    },
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/578756"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0003

Vulnerability from csaf_ncscnl - Published: 2026-01-09 11:11 - Updated: 2026-01-09 11:11

Summary

Kwetsbaarheden verholpen in GitLab

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: GitLab heeft kwetsbaarheden verholpen in GitLab CE/EE.

Interpretaties: De kwetsbaarheden omvatten verschillende problemen, waaronder de mogelijkheid voor geauthenticeerde gebruikers om externe API-aanroepen te misbruiken, wat kan leiden tot een Denial-of-Service. Daarnaast konden geauthenticeerde gebruikers via GraphQL ongeautoriseerde wijzigingen aanbrengen in projectconfiguraties en AI-instellingen van ongeautoriseerde namespaces. Een andere kwetsbaarheid stelde ongeauthenticeerde gebruikers in staat om willekeurige code uit te voeren in de browser van een geauthenticeerde gebruiker via een kwaadaardige webpagina. Bovendien konden geauthenticeerde gebruikers gevoelige informatie lekken door speciaal vervaardigde afbeeldingen te gebruiken die de bescherming van de asset proxy omzeilden. Ten slotte was er een kwetsbaarheid die het mogelijk maakte om opgeslagen cross-site scripting (XSS) uit te voeren via GitLab Flavored Markdown, wat de beveiliging van de applicatie in gevaar kon brengen.

Oplossingen: GitLab heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-359: Exposure of Private Personal Information to an Unauthorized Actor

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-862: Missing Authorization

CWE-1220: Insufficient Granularity of Access Control

CVE-2025-10569

GitLab has addressed a vulnerability in GitLab CE/EE versions prior to specific updates that allowed authenticated users to induce a denial of service through manipulation of external API responses.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-11246

GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that allowed authenticated users to manipulate GraphQL and remove project runners from unrelated projects.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CWE-1220 - Insufficient Granularity of Access Control

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-13761

GitLab has addressed a vulnerability in versions 18.6 (prior to 18.6.3) and 18.7 (prior to 18.7.1) that could enable an unauthenticated user to execute arbitrary code in an authenticated user's browser via a malicious webpage.

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-13772

GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that permitted authenticated users to manipulate API requests to access AI model settings from unauthorized namespaces.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-13781

GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that allowed authenticated users to modify instance-wide AI feature provider settings due to inadequate authorization checks in GraphQL mutations.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-3950

GitLab has addressed a vulnerability in versions 10.3 to 18.5.5, 18.6 to 18.6.3, and 18.7 to 18.7.1 that could enable sensitive information leakage via specially crafted images bypassing asset proxy protection.

3.5 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

CVE-2025-9222

GitLab has addressed a vulnerability in GitLab CE/EE versions that permitted authenticated users to execute stored cross-site scripting via GitLab Flavored Markdown.

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
vers:unknown/* GitLab / GitLab		vers:unknown/*

References

8 references

URL	Category
https://about.gitlab.com/releases/2026/01/07/patc…	external
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "GitLab heeft kwetsbaarheden verholpen in GitLab CE/EE.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden omvatten verschillende problemen, waaronder de mogelijkheid voor geauthenticeerde gebruikers om externe API-aanroepen te misbruiken, wat kan leiden tot een Denial-of-Service. Daarnaast konden geauthenticeerde gebruikers via GraphQL ongeautoriseerde wijzigingen aanbrengen in projectconfiguraties en AI-instellingen van ongeautoriseerde namespaces. Een andere kwetsbaarheid stelde ongeauthenticeerde gebruikers in staat om willekeurige code uit te voeren in de browser van een geauthenticeerde gebruiker via een kwaadaardige webpagina. Bovendien konden geauthenticeerde gebruikers gevoelige informatie lekken door speciaal vervaardigde afbeeldingen te gebruiken die de bescherming van de asset proxy omzeilden. Ten slotte was er een kwetsbaarheid die het mogelijk maakte om opgeslagen cross-site scripting (XSS) uit te voeren via GitLab Flavored Markdown, wat de beveiliging van de applicatie in gevaar kon brengen.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "GitLab heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Exposure of Private Personal Information to an Unauthorized Actor",
        "title": "CWE-359"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Insufficient Granularity of Access Control",
        "title": "CWE-1220"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
      }
    ],
    "title": "Kwetsbaarheden verholpen in GitLab",
    "tracking": {
      "current_release_date": "2026-01-09T11:11:48.308357Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0003",
      "initial_release_date": "2026-01-09T11:11:48.308357Z",
      "revision_history": [
        {
          "date": "2026-01-09T11:11:48.308357Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "GitLab"
          }
        ],
        "category": "vendor",
        "name": "GitLab"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-10569",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in GitLab CE/EE versions prior to specific updates that allowed authenticated users to induce a denial of service through manipulation of external API responses.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-10569 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-10569.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-10569"
    },
    {
      "cve": "CVE-2025-11246",
      "cwe": {
        "id": "CWE-1220",
        "name": "Insufficient Granularity of Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Granularity of Access Control",
          "title": "CWE-1220"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that allowed authenticated users to manipulate GraphQL and remove project runners from unrelated projects.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-11246 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-11246.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-11246"
    },
    {
      "cve": "CVE-2025-13761",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in versions 18.6 (prior to 18.6.3) and 18.7 (prior to 18.7.1) that could enable an unauthenticated user to execute arbitrary code in an authenticated user\u0027s browser via a malicious webpage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-13761 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-13761.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-13761"
    },
    {
      "cve": "CVE-2025-13772",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that permitted authenticated users to manipulate API requests to access AI model settings from unauthorized namespaces.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-13772 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-13772.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-13772"
    },
    {
      "cve": "CVE-2025-13781",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in versions prior to 18.5.5, 18.6.3, and 18.7.1 that allowed authenticated users to modify instance-wide AI feature provider settings due to inadequate authorization checks in GraphQL mutations.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-13781 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-13781.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-13781"
    },
    {
      "cve": "CVE-2025-3950",
      "cwe": {
        "id": "CWE-359",
        "name": "Exposure of Private Personal Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Private Personal Information to an Unauthorized Actor",
          "title": "CWE-359"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in versions 10.3 to 18.5.5, 18.6 to 18.6.3, and 18.7 to 18.7.1 that could enable sensitive information leakage via specially crafted images bypassing asset proxy protection.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-3950 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-3950.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-3950"
    },
    {
      "cve": "CVE-2025-9222",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "description",
          "text": "GitLab has addressed a vulnerability in GitLab CE/EE versions that permitted authenticated users to execute stored cross-site scripting via GitLab Flavored Markdown.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-9222 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9222.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1"
          ]
        }
      ],
      "title": "CVE-2025-9222"
    }
  ]
}

WID-SEC-W-2026-0037

Vulnerability from csaf_certbund - Published: 2026-01-07 23:00 - Updated: 2026-01-11 23:00

Summary

GitLab CE und EE: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: GitLab ist eine Webanwendung zur Versionsverwaltung für Softwareprojekte auf Basis von git.

Angriff: Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um einen Denial of Service Angriff durchzuführen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting-Angriffe durchzuführen, Daten zu manipulieren oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2025-10569

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-11246

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-13761

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-13772

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-13781

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-3950

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

CVE-2025-9222

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
Open Source GitLab <18.5.5 Open Source / GitLab		<18.5.5
Open Source GitLab <18.6.3 Open Source / GitLab		<18.6.3
Open Source GitLab <18.7.1 Open Source / GitLab		<18.7.1

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://about.gitlab.com/releases/2026/01/07/patc…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "GitLab ist eine Webanwendung zur Versionsverwaltung f\u00fcr Softwareprojekte auf Basis von git.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter oder anonymer  Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren, Daten zu manipulieren oder vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0037 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0037.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0037 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0037"
      },
      {
        "category": "external",
        "summary": "GitLab Patch Release vom 2026-01-07",
        "url": "https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
      }
    ],
    "source_lang": "en-US",
    "title": "GitLab CE und EE: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-01-11T23:00:00.000+00:00",
      "generator": {
        "date": "2026-01-12T09:31:25.860+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0037",
      "initial_release_date": "2026-01-07T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-07T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-01-11T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-1767, EUVD-2026-1768, EUVD-2026-1771, EUVD-2026-1773, EUVD-2026-1763, EUVD-2026-1770, EUVD-2026-1757"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c18.7.1",
                "product": {
                  "name": "Open Source GitLab \u003c18.7.1",
                  "product_id": "T049757"
                }
              },
              {
                "category": "product_version",
                "name": "18.7.1",
                "product": {
                  "name": "Open Source GitLab 18.7.1",
                  "product_id": "T049757-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:18.7.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c18.6.3",
                "product": {
                  "name": "Open Source GitLab \u003c18.6.3",
                  "product_id": "T049758"
                }
              },
              {
                "category": "product_version",
                "name": "18.6.3",
                "product": {
                  "name": "Open Source GitLab 18.6.3",
                  "product_id": "T049758-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:18.6.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c18.5.5",
                "product": {
                  "name": "Open Source GitLab \u003c18.5.5",
                  "product_id": "T049759"
                }
              },
              {
                "category": "product_version",
                "name": "18.5.5",
                "product": {
                  "name": "Open Source GitLab 18.5.5",
                  "product_id": "T049759-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:18.5.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GitLab"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-10569",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-10569"
    },
    {
      "cve": "CVE-2025-11246",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-11246"
    },
    {
      "cve": "CVE-2025-13761",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-13761"
    },
    {
      "cve": "CVE-2025-13772",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-13772"
    },
    {
      "cve": "CVE-2025-13781",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-13781"
    },
    {
      "cve": "CVE-2025-3950",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-3950"
    },
    {
      "cve": "CVE-2025-9222",
      "product_status": {
        "known_affected": [
          "T049759",
          "T049758",
          "T049757"
        ]
      },
      "release_date": "2026-01-07T23:00:00.000+00:00",
      "title": "CVE-2025-9222"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-13781 (GCVE-0-2025-13781)

CERTFR-2026-AVI-0014

Solutions

CERTFR-2026-AVI-0014

Solutions

bit-gitlab-2025-13781

Vulnerability from bitnami_vulndb

FKIE_CVE-2025-13781

GHSA-P7GW-XWGF-7W7C

NCSC-2026-0003

WID-SEC-W-2026-0037

Tags

Sightings

Nomenclature