CVE-2025-5819

An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under certain circumstances.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/548165	Broken Link
https://hackerone.com/reports/3137660	Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

No history.

Information

Published : 2025-08-13 18:15

Updated : 2025-08-29 17:15

NVD link : CVE-2025-5819

Mitre link : CVE-2025-5819

CVE.ORG link : CVE-2025-5819

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

{"id": "CVE-2025-5819", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.1}]}, "published": "2025-08-13T18:15:32.330", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/548165", "tags": ["Broken Link"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/3137660", "tags": ["Permissions Required"], "source": "cve@gitlab.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under certain circumstances."}, {"lang": "es", "value": "Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 15.7 hasta la 17.11.6, la 18.0 hasta la 18.0.4 y la 18.1 hasta la 18.1.2 que podr\u00eda haber permitido a usuarios autenticados con acceso de desarrollador obtener tokens de identificaci\u00f3n para ramas protegidas en determinadas circunstancias."}], "lastModified": "2025-08-29T17:15:36.250", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "E189D5F9-07AA-4D2B-AE92-B3ED70347DBF", "versionEndExcluding": "17.11.6", "versionStartIncluding": "15.7.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "E288E668-62BD-41DC-B9D9-3FCEC3A1C251", "versionEndExcluding": "17.11.6", "versionStartIncluding": "15.7.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "A4839A98-785F-41DD-A6A1-51476E823CFE", "versionEndExcluding": "18.0.4", "versionStartIncluding": "18.0.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "4F27FCAE-C2B3-489C-AEDB-BA19DD32DE7A", "versionEndExcluding": "18.0.4", "versionStartIncluding": "18.0.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "BE71AB34-398E-4A9B-A90C-63B1CD883426", "versionEndExcluding": "18.1.2", "versionStartIncluding": "18.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "163718AE-806A-4D9C-ADA1-30FBFA87C317", "versionEndExcluding": "18.1.2", "versionStartIncluding": "18.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}