GitLab CE/EE EUVD-2025-209556

CVE-2025-9957 (LOW)
Incorrect Authorization (CWE-863)
2026-04-22 GitLab GHSA-6gww-qgc8-r365
CVSS 3.1 base score: 2.7

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

Lifecycle Timeline

Analysis Generated: Apr 23, 2026 - 00:17 (vuln.today)
Patch available: Apr 22, 2026 - 17:33 (EUVD)

Description (NVD)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user with project owner permissions to bypass group fork prevention settings due to improper authorization checks.

Analysis (AI)

Authenticated project owners in GitLab CE/EE versions 11.2-18.9.5, 18.10-18.10.3, and 18.11-18.11.0 can bypass group fork prevention settings due to improper authorization checks, allowing them to create forks when they should be restricted. The vulnerability requires authentication and high-privilege access (project owner role), resulting in low severity (CVSS 2.7). Publicly available exploit code exists and patch versions have been released by the vendor.

Technical Context (AI)

The vulnerability stems from CWE-863 (Incorrect Authorization) in GitLab's fork creation logic. Group administrators can configure fork prevention policies to restrict forking within a group, but the authorization checks fail to properly validate these group-level settings when a project owner initiates a fork request. The affected code likely lacks a call to verify group fork prevention rules before allowing the fork operation, permitting authenticated high-privileged users to circumvent administrative controls. This affects GitLab Community Edition (CE) and Enterprise Edition (EE) across a wide version range, from the introduction of improved fork controls in 11.2 through recent releases.

Remediation (AI)

Upgrade GitLab to a patched version immediately: 18.9.6 or later for instances before 18.10, 18.10.4 or later for the 18.10 series, and 18.11.1 or later for the 18.11 series. Until patching is possible, restrict project owner role assignments to trusted users who will not intentionally bypass fork prevention policies, and audit fork creation requests from high-privilege accounts (for example through network-level monitoring). Additionally, review the group fork prevention settings on your GitLab instances to confirm they are applied to every project that requires fork restrictions; note that this does not remediate the authorization bypass itself. Consult the GitLab work item https://gitlab.com/gitlab-org/gitlab/-/work_items/567781 for implementation details and any additional compensating controls provided by GitLab.
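The two checks the remediation text asks for, as an added example that is not code from GitLab or vuln.today: a version test against the three affected ranges the advisory lists, and a scan over fork-creation records that flags forks leaving a group whose fork-prevention setting is on. The record shape (`ForkEvent`) and the `fork_prevention` mapping are assumptions made for illustration, not GitLab's actual audit-event format or API.

```python
from dataclasses import dataclass

# Affected ranges from the advisory, as (lower inclusive, upper exclusive):
# 11.2 <= v < 18.9.6, 18.10 <= v < 18.10.4, 18.11 <= v < 18.11.1.
AFFECTED_RANGES = [
    ((11, 2, 0), (18, 9, 6)),
    ((18, 10, 0), (18, 10, 4)),
    ((18, 11, 0), (18, 11, 1)),
]


def parse_version(text):
    """Turn '18.9' or '18.10.3' into a comparable (major, minor, patch) tuple."""
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version_text):
    """True if the instance version falls inside one of the advisory's ranges."""
    v = parse_version(version_text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


@dataclass
class ForkEvent:
    # Assumed record shape (constructed for this example), not GitLab's audit schema.
    author: str            # who created the fork
    author_role: str       # their role on the source project, e.g. "owner"
    source_group: str      # group that owns the source project
    target_namespace: str  # namespace the fork was created in


def suspicious_forks(events, fork_prevention):
    """Return forks that left a group whose fork-prevention flag is set.

    fork_prevention maps group name -> bool (True = forks outside the group
    are disallowed). Any such fork should have been blocked; the author role
    helps triage, since the bypass described requires project owner rights.
    """
    return [
        e for e in events
        if fork_prevention.get(e.source_group, False)
        and e.target_namespace != e.source_group
    ]


# Constructed sample data: two forks, one of which escapes a protected group.
SAMPLE_EVENTS = [
    ForkEvent("alice", "owner", "payments", "alice"),        # left protected group
    ForkEvent("bob", "maintainer", "payments", "payments"),  # stayed inside group
    ForkEvent("carol", "owner", "docs", "carol"),            # group not protected
]
SAMPLE_SETTINGS = {"payments": True, "docs": False}
```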


EUVD-2025-209556 vulnerability details – vuln.today
