Security Advisory

CVE-2025-2246

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-27 19:34:00

Last updated 2025-08-27 19:49:56

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API.

← Browse all CVEs View on cve.org ↗