Primary

Context

GitLab CE/EE GraphQL Query Vulnerability Allowing Unauthorized Access to Job Data

Vulnerability

A vulnerability exists in GitLab Community Edition (CE) and Enterprise Edition (EE) versions 18.0 prior to 18.0.1. In specific situations, a user with limited permissions could exploit a crafted GraphQL query to access Job Data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive Job Data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

0.6

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GitLab CE/EE GraphQL Query Vulnerability Allowing Unauthorized Access to Job Data

Vulnerability

Impact

Affected Products

GitLab CE

GitLab EE

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating