CVE-2025-13772

High CVSS: 7.1

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to access and utilize AI model settings from unauthorized namespaces by manipulating namespace identifiers in API requests.

Vendor

Gitlab

Product

Gitlab

CWE

CWE-862

Yayın Tarihi

2026-01-09 10:15:45

Güncelleme

2026-01-22 17:25:24

Source Identifier

cve@gitlab.com

KEV Date Added

Kategoriler

CWE-862 Gitlab HIGH Gitlab 2026

Referanslar

https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/ https://gitlab.com/gitlab-org/gitlab/-/issues/581268

Benzer Kayıtlar

High

CVE-2026-2370

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 1…

High

CVE-2026-3857

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and…

High

CVE-2026-3988

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 1…

Medium

CVE-2026-2973

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 1…

High

CVE-2026-2995

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.1…

Medium

CVE-2026-2726

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and…