VDB

CVE-2025-0605

CVE-2025-0605 PUBLISHED

An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements.

EPSS 0.05% · 16.3th percentile

Risk Scores

EPSS Score
0.05%
16.3th percentile

Affected Products

VendorProductVersions
Bitnamigitlab16.8.0, 18.0.0
Bitnamigitlab16.8.0, 18.0.0

Timeline

  • Jan 21, 1970 Security Advisory
  • May 21, 2025 CVE Published
  • May 22, 2025 Coalition ESS Score
  • May 22, 2025 PoC Published
  • May 22, 2025 CVE Updated
  • May 23, 2025 EPSS Score
  • May 23, 2025 Coalition ESS Score
  • Jun 3, 2025 EPSS Score
  • Jun 11, 2025 Coalition ESS Score
  • Jun 14, 2025 EPSS Score
  • Jun 25, 2025 EPSS Score
  • Jul 6, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›