CVE-2025-1908 in Community Editioninformação

Sumário

de MITRE • 24/04/2025

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

GitLab

Reservar

03/03/2025

Divulgação

24/04/2025

Moderação

aceite

Entrada

VDB-306060

CPE

pronto

CWE

CWE-840 (confirmado)

CVSS

7.7 (CNA)

EPSS

0.00050

KEV

não

Atividades

muito baixo

Sector

Pharma, Insurance, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-1908
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-1908
CVE Details	https://www.cvedetails.com/cve/CVE-2025-1908/

◂ Voltar Visão Geral Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!