CVE-2025-0765 in Community Edition

Summary

by MITRE • 07/24/2025

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses.


Analysis

by VulDB Data Team • 08/09/2025

This vulnerability in GitLab CE/EE is an authorization flaw that could allow unauthorized users to access service desk email addresses, a sensitive communication channel within the platform. It affects three version ranges, 17.9 through 18.0.4, 18.1 through 18.1.2, and 18.2 through 18.2.0, so a large share of deployed GitLab instances are in scope. The flaw specifically concerns the service desk email functionality, which serves as the communication interface between users and support teams within a GitLab instance.

The technical flaw stems from inadequate access controls in the handling of service desk email addresses. Because proper access validation does not occur when a service desk email address is retrieved, unauthorized users could enumerate or read custom service desk email addresses that should be restricted to authorized personnel. The vulnerability operates at the application level, in the code paths that retrieve service desk email addresses. In CWE terms it is a weakness in authorization controls: the authorization check that should gate access to the address is missing or insufficient.

The operational impact of this vulnerability goes beyond simple information disclosure, since harvested email addresses can feed phishing campaigns or social engineering attacks. Custom service desk email addresses often reveal information about project teams, support contacts, and organizational communication patterns, which an attacker could use to craft targeted attacks against specific users or teams. The vulnerability also supports reconnaissance, allowing an attacker to map the legitimate communication channels of a GitLab instance.

From a threat modeling perspective, this vulnerability aligns with ATT&CK technique T1589 (Gather Victim Identity Information), a reconnaissance technique covering the collection of information such as email addresses about a target. Threat actors could use the flaw to identify legitimate email addresses for follow-on attacks or to understand the communication structure of the organization. Security professionals should include this vulnerability in their risk assessments, as it is a potential entry point for more sophisticated attacks that could lead to privilege escalation or data exfiltration.

Organizations should promptly apply the relevant patches to their GitLab installations to mitigate this vulnerability: installations on 17.9 through 18.0.4 should upgrade to 18.0.5, installations on 18.1.x to 18.1.3, and installations on 18.2.0 to 18.2.1. Network segmentation and monitoring of service desk email address access patterns should be implemented as additional defensive measures, and security teams should review access logs for suspicious activity related to service desk email address retrieval. The vulnerability demonstrates the importance of keeping software current and implementing proper access control mechanisms within collaboration platforms.
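A small helper for the upgrade check described above, added here as an example and not VulDB's or GitLab's own code: it parses a GitLab version string, tests it against the three affected ranges quoted in this advisory, and reports the patched release to move to. It assumes the version is reported as MAJOR.MINOR[.PATCH] with an optional edition suffix such as "-ee"; the version strings in the usage section are constructed.

```python
"""Decide whether a GitLab CE/EE version falls inside the ranges affected by
CVE-2025-0765 and, if so, which patched release resolves it.

Added example, not VulDB's or GitLab's code. The ranges below are copied from
the advisory text; everything else (version format, sample inputs) is assumed.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# (first affected release, first fixed release) per line, from the advisory:
# 17.9 before 18.0.5, 18.1 before 18.1.3, 18.2 before 18.2.1
AFFECTED_RANGES: List[Tuple[Version, Version]] = [
    ((17, 9, 0), (18, 0, 5)),
    ((18, 1, 0), (18, 1, 3)),
    ((18, 2, 0), (18, 2, 1)),
]


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR[.PATCH]' into a comparable tuple.

    An edition suffix after a dash (e.g. '18.0.4-ee', assumed format) is
    dropped; a missing PATCH component is treated as 0.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def fixed_release_for(version: str) -> Optional[str]:
    """Return the patched release the given version should upgrade to,
    or None when the version lies outside every affected range."""
    v = parse_version(version)
    for low, fixed in AFFECTED_RANGES:
        # half-open interval: 'low' is affected, 'fixed' is not
        if low <= v < fixed:
            return ".".join(str(n) for n in fixed)
    return None


def is_affected(version: str) -> bool:
    """True if the version is inside one of the affected ranges."""
    return fixed_release_for(version) is not None


if __name__ == "__main__":
    # Constructed sample inventory of self-managed instances (not real hosts).
    inventory = {
        "gitlab-a": "17.11.2-ee",
        "gitlab-b": "18.0.5",
        "gitlab-c": "18.1.2",
        "gitlab-d": "18.2.1-ce",
    }
    for host, ver in inventory.items():
        fix = fixed_release_for(ver)
        status = f"AFFECTED, upgrade to {fix}" if fix else "not affected"
        print(f"{host}: {ver} -> {status}")
```

The ranges are half-open on purpose: the advisory names the first fixed release in each line, so a version equal to 18.0.5, 18.1.3 or 18.2.1 is reported as not affected, while 17.10 and 17.11 are correctly caught by the first range even though the advisory only names 17.9 as its lower bound.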

Responsible

GitLab

Reservation

01/28/2025

Disclosure

07/24/2025

Moderation

accepted

CPE

ready

EPSS

0.00071

KEV

no

Activities

very low
