VYPR
Unrated severityNVD Advisory· Published Aug 27, 2025· Updated Aug 27, 2025

Missing Authorization in GitLab

CVE-2025-2246

Description

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

39

Patches

Vulnerability mechanics

References

2

News mentions

1