VDB
GCVE-110-NCSC-2025-342
GCVE-110-NCSC-2025-342
Advisory PublishedCVSS 7.5/10
GitLab has addressed a vulnerability in GitLab EE versions 18.4 (prior to 18.4.3) and 18.5 (prior to 18.5.1) that allowed authenticated users to improperly access projects via the access request approval process.
Weaknesses (CWE)
CWE-770Allocation of Resources Without Limits or ThrottlingCWE-863Incorrect AuthorizationCWE-862Missing AuthorizationCWE-840-
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GitLab | vers:unknown/* | — | — |
| Open Source | vers:unknown/* | — | — |
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.