CVE-2025-6195
📋 TL;DR
This vulnerability allows authenticated GitLab users to view sensitive security report information under specific configuration conditions. It affects GitLab EE versions 13.7 through 18.4.4, 18.5 through 18.5.2, and 18.6 through 18.6.0.
💻 Affected Systems
- GitLab EE
📦 What is this software?
Gitlab by Gitlab
GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...
⚠️ Risk & Real-World Impact
Worst Case
Unauthorized disclosure of sensitive security findings, vulnerability details, or proprietary security data to authenticated users who shouldn't have access.
Likely Case
Authenticated users with some access privileges viewing security reports they shouldn't see, potentially exposing vulnerability details or security metrics.
If Mitigated
Minimal impact with proper access controls and security report segregation already in place.
🎯 Exploit Status
Requires authenticated access and specific configuration conditions
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 18.4.5, 18.5.3, or 18.6.1
Vendor Advisory: https://about.gitlab.com/releases/2025/11/26/patch-release-gitlab-18-6-1-released/
Restart Required: Yes
Instructions:
1. Backup your GitLab instance.
2. Update to GitLab EE 18.4.5, 18.5.3, or 18.6.1 depending on your current version.
3. Restart GitLab services.
4. Verify the update was successful.
🔧 Temporary Workarounds
Restrict Security Report Access
Tighten access controls on security reports and review user permissions
Disable Security Reports
Temporarily disable security report features if not critical
🧯 If You Can't Patch
- Review and restrict user permissions for security report access
- Implement network segmentation to limit access to GitLab security features
🔍 How to Verify
Check if Vulnerable:
Check GitLab version via Admin Area or command line
Check Version:
sudo gitlab-rake gitlab:env:info | grep Version
Verify Fix Applied:
Verify the running version is at least 18.4.5, 18.5.3, or 18.6.1 for its own release branch (an 18.5.x instance needs 18.5.3 or later; 18.4.5 does not cover it)
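As an added check, not taken from the advisory or from GitLab, the following Python script extracts the application version from gitlab:env:info output and tests it against the affected ranges listed above; the env:info layout and the sample values are constructed assumptions.

```python
import re

# Affected ranges from the advisory as [first affected, first fixed) per branch:
# 13.7 through 18.4.4, 18.5 through 18.5.2 and 18.6 through 18.6.0.
AFFECTED_RANGES = [
    ((13, 7, 0), (18, 4, 5)),
    ((18, 5, 0), (18, 5, 3)),
    ((18, 6, 0), (18, 6, 1)),
]

def parse_version(text):
    """Return (major, minor, patch) from a string such as '18.5.2-ee'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(x) for x in m.groups())

def is_vulnerable(version_string):
    """True if the version lies in an affected range (EE only per the advisory)."""
    if version_string.strip().endswith("-ce"):
        return False  # Community Edition is not in the advisory's scope
    v = parse_version(version_string)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)

def version_from_env_info(output):
    """Pick the application version out of `gitlab-rake gitlab:env:info` output.
    The output has more than one 'Version:' line (GitLab Shell reports its own),
    so take the one under the 'GitLab information' header instead of grepping."""
    in_gitlab_section = False
    for line in output.splitlines():
        if line.strip() == "GitLab information":
            in_gitlab_section = True
        elif in_gitlab_section and line.startswith("Version:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("GitLab version not found in output")

# Constructed sample of env:info output (assumed layout, not captured from a host).
SAMPLE_ENV_INFO = """System information
System:\t\tUbuntu 22.04

GitLab information
Version:\t18.5.2-ee

GitLab Shell
Version:\t14.0.0
"""

def check_sample():
    ver = version_from_env_info(SAMPLE_ENV_INFO)
    return ver, is_vulnerable(ver)
```

Feed the real output of `sudo gitlab-rake gitlab:env:info` to `version_from_env_info` in place of the constructed sample; a `-ce` version is reported as out of scope because the advisory names GitLab EE only.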
📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to security reports
- Multiple failed access attempts to security features
Network Indicators:
- Unusual API calls to security report endpoints
SIEM Query:
source="gitlab" AND (event="security_report_access" OR path="/api/v4/security/*")