Vulnerabilities

CVE-2025-9825

by Fred · 21/11/2025

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project membership to view sensitive manual CI/CD variables by querying the GraphQL API.

More information : https://about.gitlab.com/releases/2025/10/08/patch-release-gitlab-18-4-2-released/

Similar

Tags: Cybersecurity Alert