CVE-2025-0549
EUVD-2025-1417409.05.2025, 17:15
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.3 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. A security vulnerability allows attackers to bypass Device OAuth flow protections, enabling authorization form submission through minimal user interaction.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gitlab | gitlab | 17.3.0 ≤ 𝑥 < 17.9.8 |
| gitlab | gitlab | 17.3.0 ≤ 𝑥 < 17.9.8 |
| gitlab | gitlab | 17.10.0 ≤ 𝑥 < 17.10.6 |
| gitlab | gitlab | 17.10.0 ≤ 𝑥 < 17.10.6 |
| gitlab | gitlab | 17.11.0 ≤ 𝑥 < 17.11.2 |
| gitlab | gitlab | 17.11.0 ≤ 𝑥 < 17.11.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration