Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2025-4976

An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circumstances, could have allowed an attacker to access internal notes in GitLab Duo responses.

  • Published: Jul 24, 2025
  • Updated: Jul 29, 2025
  • CVE: CVE-2025-4976
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

Software From Fixed in
gitlab / gitlab 18.1.0 18.1.3
gitlab / gitlab 18.2 18.2.x
gitlab / gitlab 17.0.0 18.0.5