{"id":68017,"date":"2025-08-13T22:31:54","date_gmt":"2025-08-13T19:01:54","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-8770-gitlab-ee-authentication-bypass-vulnerability\/"},"modified":"2025-08-13T22:31:54","modified_gmt":"2025-08-13T19:01:54","slug":"cve-2025-8770-gitlab-ee-authentication-bypass-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-8770-gitlab-ee-authentication-bypass-vulnerability\/","title":{"rendered":"CVE-2025-8770 &#8211; GitLab EE Authentication Bypass Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-8770<br \/>\n<br \/>\n<strong>Published : <\/strong> Aug. 13, 2025, 6:15 p.m. | 17\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 6.5 | MEDIUM<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-8770 Published : Aug. 13, 2025, 6:15 p.m. | 17\u00a0minutes ago Description : An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-68017","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68017","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=68017"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/68017\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=68017"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=68017"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=68017"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}