Security Advisory

CVE-2025-2867

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-27 14:02:18

Last updated 2025-03-27 14:18:32

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users.

← Browse all CVEs View on cve.org ↗