VDB
CVE-2025-0605
CVE-2025-0605
PUBLISHED
An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements.
EPSS 0.05% · 16.3th percentile
Risk Scores
EPSS Score
0.05%
16.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.8.0, 18.0.0 |
| Bitnami | gitlab | 16.8.0, 18.0.0 |
Timeline
- Jan 21, 1970 Security Advisory
- May 21, 2025 CVE Published
- May 22, 2025 Coalition ESS Score
- May 22, 2025 PoC Published
- May 22, 2025 CVE Updated
- May 23, 2025 EPSS Score
- May 23, 2025 Coalition ESS Score
- Jun 3, 2025 EPSS Score
- Jun 11, 2025 Coalition ESS Score
- Jun 14, 2025 EPSS Score
- Jun 25, 2025 EPSS Score
- Jul 6, 2025 EPSS Score