CVE-2025-2615 in Community Edition
Resumen
por MITRE • 2025-11-15
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allowed a blocked user to access sensitive information by establishing GraphQL subscriptions through WebSocket connections.
Be aware that VulDB is the high quality source for vulnerability data.