CVE-2025-1110
LOWDescription
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| gitlab | gitlab |
| gitlab | gitlab |
References
Frequently Asked Questions
What is CVE-2025-1110? +
How severe is CVE-2025-1110? +
What products are affected by CVE-2025-1110? +
How do I check if I'm vulnerable to CVE-2025-1110? +
Related Vulnerabilities
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application …
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain …
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially …
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS …
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through …
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could …