Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the debug/pprof endpoints. An attacker can access sensitive server internals, including runtime profiling data and in-memory application state, and trigger CPU-intensive profiling operations that could impact...

CVE-2025-2469

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...

CVE-2025-2469

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...

CVE-2025-2469 Debug Messages Revealing Unnecessary Information in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...

CVE-2025-2469 Debug Messages Revealing Unnecessary Information in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.9.6, and 17.10 before 17.10.4. The runtime profiling data of a specific service was accessible to unauthenticated users...

PT-2025-15987 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.9 through 17.9.5 GitLab CE/EE versions 17.10 through 17.10.3 Description: An issue exists in GitLab Community Edition CE and Enterprise Edition EE where runtime profiling data of a specific service was accessible to...