GitLab CE/EE Sensitive Token Exposure Vulnerability

Vulnerability

A vulnerability exists in GitLab CE/EE versions 13.2 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1. This vulnerability could allow an authenticated user with access to certain logs to retrieve sensitive tokens under specific conditions.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive tokens, which may be misused to compromise user accounts or access restricted resources.

Added: Nov 26, 2025, 8:22 PM

Updated: Nov 26, 2025, 8:22 PM

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.3

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GitLab CE/EE Sensitive Token Exposure Vulnerability

Vulnerability

Impact

Affected Products

GitLab

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating