CVE-2025-5195 – GitLab Compliance Framework Unauthorized Data Disclosure

CVE ID : CVE-2025-5195

Published : June 12, 2025, 11:15 a.m. | 1 hour, 44 minutes ago

Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary compliance frameworks, leading to unauthorized data disclosure.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…