CVE-2025-5069 — Vulnetix

CVE-2025-5069 PUBLISHED

An issue has been discovered in GitLab CE/EE affecting all versions from 17.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that could have allowed an authenticated user to gain unauthorized access to confidential issues by creating a project with an identical name to the victim's project.

EPSS 0.01% · 1.0th percentile

Risk Scores

EPSS Score

0.01%

1.0th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	17.10.0, 18.3.0, 18.4.0
Bitnami	gitlab	17.10.0, 18.4.0, 18.3.0

Exploit Intelligence

https://hackerone.com/reports/3019236 (osv)

Timeline

Jan 21, 1970 Security Advisory
Sep 26, 2025 CVE Published
Sep 26, 2025 EPSS Score
Oct 3, 2025 EPSS Score
Oct 4, 2025 Coalition ESS Score
Oct 6, 2025 Coalition ESS Score
Oct 10, 2025 EPSS Score
Oct 16, 2025 EPSS Score
Oct 19, 2025 Coalition ESS Score
Oct 23, 2025 EPSS Score
Oct 26, 2025 Coalition ESS Score
Oct 27, 2025 Coalition ESS Score

References

https://gitlab.com/gitlab-org/gitlab/-/issues/544926 url
https://hackerone.com/reports/3019236 url
https://nvd.nist.gov/vuln/detail/CVE-2025-5069 url

Open in Interactive Console →