{"id":8812,"date":"2025-07-24T02:41:05","date_gmt":"2025-07-24T02:41:05","guid":{"rendered":"http:\/\/localhost\/?p=8812"},"modified":"2025-07-24T02:41:05","modified_gmt":"2025-07-24T02:41:05","slug":"exposure-of-sensitive-information-due-to-incompatible-policies-in-gitlab","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8812","title":{"rendered":"Exposure of Sensitive Information Due to Incompatible Policies in GitLab"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nExposure of Sensitive Information Due to Incompatible Policies in GitLab<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-24T06:05:37.730Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-24T06:05:37.730Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nGitLab<\/td>\n<\/tr>\n
Product<\/th>\nGitLab<\/td>\n<\/tr>\n
Version<\/th>\n17.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n4.3 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:N\/A:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA vulnerability in GitLab EE could allow attackers to access internal notes in GitLab Duo responses under certain conditions. This issue affects multiple versions of GitLab EE and could expose sensitive information.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nGitLab<\/td>\n<\/tr>\n
AI Product<\/th>\nGitLab EE<\/td>\n<\/tr>\n
AI Version<\/th>\n17.0 before 18.0.5, 18.1 before 18.1.3, 18.2 before 18.2.1<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n