3 matches found
EUVD-2025-208573
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to access Virtual Registry data in groups where they are not members due to improper authorization under certain...
CVE-2025-9825 Missing Authorization in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project membership to view sensitive manual CI/CD variables by querying the GraphQL API...
CVE-2025-9825
GitLab CE/EE vulnerability CVE-2025-9825 affects versions 13.7–18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2. Root cause: GraphQL API authentication flaw could allow authenticated users without project membership to view sensitive manual CI/CD variables. The issue has been remediated in patc...