GitLab EE Sensitive Keyword Search Vulnerability in Issue Count Retrieval

Vulnerability

A vulnerability exists in GitLab EE versions from 17.1 prior to 17.8.7, from 17.9 prior to 17.9.6, and from 17.10 prior to 17.10.4. It allows attackers to run targeted searches for sensitive keywords and obtain the count of issues that contain the searched terms.
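
To check an inventory of instances against the version ranges above, the following added example (not part of the original advisory or of GitLab's code) parses the JSON body returned by GitLab's /api/v4/version endpoint. The hostnames and responses are constructed, and treating a "-ee" version suffix as the marker for an EE build is an assumption.

```python
import json
import re

# Affected GitLab EE ranges from the advisory: (first affected, first fixed).
AFFECTED_RANGES = [
    ((17, 1, 0), (17, 8, 7)),
    ((17, 9, 0), (17, 9, 6)),
    ((17, 10, 0), (17, 10, 4)),
]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\w+))?")

def parse_version(version):
    """Split '17.8.6-ee' into ((17, 8, 6), 'ee'); suffix is '' when absent."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4) or ""

def is_affected(version):
    """True when an EE version falls inside one of the advisory's ranges."""
    numbers, suffix = parse_version(version)
    if suffix != "ee":  # assumption: EE builds report a '-ee' suffix
        return False
    # Integer tuples, not strings: as text "17.10.3" sorts before "17.9.6".
    return any(low <= numbers < fixed for low, fixed in AFFECTED_RANGES)

def triage(inventory):
    """Map host -> verdict for {host: JSON body returned by /api/v4/version}."""
    verdicts = {}
    for host, body in inventory.items():
        try:
            hit = is_affected(json.loads(body)["version"])
            verdicts[host] = "affected" if hit else "not affected"
        except (ValueError, KeyError, TypeError):
            verdicts[host] = "unknown"  # unparseable response: check by hand
    return verdicts

# Constructed sample inventory; hostnames and revisions are placeholders.
SAMPLE = {
    "gitlab-a.example": '{"version": "17.8.6-ee", "revision": "0000000"}',
    "gitlab-b.example": '{"version": "17.10.4-ee", "revision": "0000000"}',
    "gitlab-c.example": '{"version": "17.10.3-ee", "revision": "0000000"}',
    "gitlab-d.example": '{"version": "17.9.6", "revision": "0000000"}',
    "gitlab-e.example": '{"message": "401 Unauthorized"}',
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host}: {verdict}")
```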

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure by allowing attackers to identify the number of issues related to specific sensitive keywords.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.3
impact: 2.5
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.