Date:2025/03/18
【Vulnerability Warning】GitLab Community Edition (CE) and Enterprise Edition (EE) have two critical security vulnerabilities.
- Subject: 【Vulnerability Warning】GitLab Community Edition (CE) and Enterprise Edition (EE) have two critical security vulnerabilities.
- Description:
For details, please refer to the following links.- GitLab 的社群版(CE)及企業版(EE)存在2個重大資安漏洞: https://www.twcert.org.tw/tw/cp-169-10016-550eb-1.html
- GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7: https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/#guest-with-custom-admin-group-member-permissions-can-approve-the-users-invitation-despite-user-caps
- CVE-2025-25291: https://nvd.nist.gov/vuln/detail/CVE-2025-25291
- CVE-2025-25292: https://nvd.nist.gov/vuln/detail/CVE-2025-25292
Network System Division
Computer and Communication Center9