CVE-2025-1908 in Community Editioninfo

Zusammenfassung

von MITRE • 24.04.2025

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

GitLab

Reservieren

03.03.2025

Veröffentlichung

24.04.2025

Moderieren

akzeptiert

Eintrag

VDB-306060

CPE

bereit

CWE

CWE-840 (bestätigt)

CVSS

7.7 (CNA)

EPSS

0.00050

KEV

nein

Aktivitäten

very low

Sektor

Pharma, Chemical, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-1908
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-1908
CVE Details	https://www.cvedetails.com/cve/CVE-2025-1908/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!