CVE-2025-1540 | GitLab Community Edition/Enterprise Edition up to 17.6.4/17.7.3/17.8.1 Internal Project authorization

Inserito da Angelo Barbosa | Mar 6, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 17.6.4/17.7.3/17.8.1. This issue affects some unknown processing of the component Internal Project Handler. The manipulation leads to incorrect authorization.

The identification of this vulnerability is CVE-2025-1540. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1540 | GitLab Community Edition/Enterprise Edition up to 17.6.4/17.7.3/17.8.1 Internal Project authorization

Post correlati

CVE-2024-22876 | StrangeBee TheHive up to 5.1.9/5.2.8 Cache Attachment cross site scripting (SB-SEC-ADV-2023-002)

CVE-2024-13282 | Drupal Block permissions up to 1.1.x authorization

CVE-2024-28193 | Yooooomi your_spotify up to 1.7.x API /me information disclosure (GHSA-3782-758)

CVE-2024-21574 | ltdrdata ComfyUI-Manager up to 2.51.0 POST Request /customnode/install pip code injection