CVE-2025-8770

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/549105	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

15 Aug 2025, 16:33

Type	Values Removed	Values Added
CPE		cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
First Time		Gitlab gitlab Gitlab
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/549105 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/549105 - Broken Link

14 Aug 2025, 13:11

Type	Values Removed	Values Added
Summary		(es) Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde la 18.0 anterior a la 18.0.6, la 18.1 anterior a la 18.1.4 y la 18.2 anterior a la 18.2.2 que podría haber permitido a usuarios autenticados con acceso específico eludir las políticas de aprobación de solicitudes de fusión manipulando los identificadores de las reglas de aprobación.

13 Aug 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-13 18:15

Updated : 2025-08-15 16:33

NVD link : CVE-2025-8770

Mitre link : CVE-2025-8770

CVE.ORG link : CVE-2025-8770

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2025-8770", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-08-13T18:15:33.250", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/549105", "tags": ["Broken Link"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers."}, {"lang": "es", "value": "Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde la 18.0 anterior a la 18.0.6, la 18.1 anterior a la 18.1.4 y la 18.2 anterior a la 18.2.2 que podr\u00eda haber permitido a usuarios autenticados con acceso espec\u00edfico eludir las pol\u00edticas de aprobaci\u00f3n de solicitudes de fusi\u00f3n manipulando los identificadores de las reglas de aprobaci\u00f3n."}], "lastModified": "2025-08-15T16:33:45.953", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "8732ABE4-1363-4DB4-8205-EF2C8D393B94", "versionEndExcluding": "18.0.6", "versionStartIncluding": "18.0.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "A8A01B2F-02DE-4743-939A-F9170497ACB6", "versionEndExcluding": "18.1.4", "versionStartIncluding": "18.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "CAFE4523-C681-44E4-A5E1-312D520EEBEE", "versionEndExcluding": "18.2.2", "versionStartIncluding": "18.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}