CVE-2025-0516

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-0516

Severity

Unknown

Description

Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project data.

References

https://images.chainguard.dev/security/CGA-r6w6-44xw-6mcw
https://github.com/advisories/GHSA-7wc9-4gpr-w6xx
https://images.chainguard.dev/security/CGA-j9p7-w45x-j844
https://images.chainguard.dev/security/CGA-ff38-cw2f-84p2
https://images.chainguard.dev/security/CGA-883q-v5fh-43c8
https://images.chainguard.dev/security/CGA-c83q-hjcq-7272
https://images.chainguard.dev/security/CGA-74xq-qxgx-ff63
https://images.chainguard.dev/security/CGA-pqcc-q83h-3vhm
https://images.chainguard.dev/security/CGA-r5rg-j8fx-h8f4
https://images.chainguard.dev/security/CGA-jj36-xxgp-j9p7
https://images.chainguard.dev/security/CGA-6687-mp9h-c2h6
https://images.chainguard.dev/security/CGA-4grp-9xmx-mmfv
https://images.chainguard.dev/security/CGA-xcm4-v39f-hfxq
https://images.chainguard.dev/security/CGA-2mh2-73hm-65r9
https://images.chainguard.dev/security/CGA-4h8j-hv37-xm76
https://images.chainguard.dev/security/CGA-v4p5-j95j-qvpm
https://images.chainguard.dev/security/CGA-cc4m-qpv4-cw68
https://images.chainguard.dev/security/CGA-5w27-c222-pvh8
https://images.chainguard.dev/security/CGA-x3gf-h55h-f3wj
https://images.chainguard.dev/security/CGA-j7x9-4h44-382j
https://gitlab.com/gitlab-org/gitlab/-/issues/513540
https://hackerone.com/reports/2914644

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

CVE-2025-0516

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources