CVE-2025-2615 in Community Editioninformación

Resumen

por MITRE • 2025-11-15

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allowed a blocked user to access sensitive information by establishing GraphQL subscriptions through WebSocket connections.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

GitLab

Reservar

2025-03-21

Divulgación

2025-11-15

Moderación

aceptado

Artículo

VDB-332575

CPE

listo

EPSS

0.00281

KEV

no

Actividades

muy bajo

Fuentes

Want to know what is going to be exploited?

We predict KEV entries!