CVE-2025-13772 | GitLab Enterprise Edition up to 18.5.4/18.6.2/18.7.0 API Request authorization (Issue 581268)

A vulnerability has been found in GitLab Enterprise Edition up to 18.5.4/18.6.2/18.7.0 and classified as critical. The impacted element is an unknown function of the component API Request Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-13772. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More