Date: 2025/03/18
【Vulnerability Warning】GitLab Community Edition (CE) and Enterprise Edition (EE) have two critical security vulnerabilities.
Description:
For details, please refer to the following links.
GitLab Community Edition (CE) and Enterprise Edition (EE) have two critical security vulnerabilities:
https://www.twcert.org.tw/tw/cp-169-10016-550eb-1.html
GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7:
https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/#guest-with-custom-admin-group-member-permissions-can-approve-the-users-invitation-despite-user-caps
CVE-2025-25291:
https://nvd.nist.gov/vuln/detail/CVE-2025-25291
CVE-2025-25292:
https://nvd.nist.gov/vuln/detail/CVE-2025-25292
Network System Division
Computer and Communication Center