Security Advisory

CVE-2025-2242

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-27 12:30:57

Last updated 2025-03-27 13:11:00

Assigner GitLab

State PUBLISHED

Description

An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allows a user who was an instance admin before but has since been downgraded to a regular user to continue to maintain elevated privileges to groups and projects.

← Browse all CVEs View on cve.org ↗