GitLab CI Variable Disclosure Vulnerability

Vulnerability

A vulnerability exists in GitLab CE/EE affecting all versions prior to 17.10.7, 17.11 prior to 17.11.3, and 18.0 prior to 18.0.1. It allows an authenticated user to expose, in the web UI, masked or hidden CI/CD variables that they did not create. Exploitation consists of creating a CI/CD variable of one's own and then inspecting the HTTP response returned when that variable is saved, which on an affected instance may disclose other masked or hidden variables.

Impact

Successful exploitation discloses CI/CD variables to a user who is not authorized to see them. Masked variables are the ones whose values GitLab redacts from job logs, and hidden variables are the ones whose values the UI is designed never to display again after creation, so these are exactly the variables in which credentials and other secrets are normally stored. Any variable shown to have been exposed this way should be treated as compromised.

Reproduction

To reproduce this on an affected version: as a user who is permitted to create CI/CD variables, open the CI/CD variable settings in the GitLab web UI and create a new variable. With the browser's developer tools open on the Network tab, save the variable and inspect the HTTP response to that request. On a vulnerable instance the response may include masked or hidden variables that the user did not author, rather than only the variable that was just created.
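Reading a saved response by eye is error-prone, so the following is an added Python example (not GitLab code, and not part of the original advisory) that triages a captured response body for foreign variables that came back with a value. The response shape it parses is a constructed, simplified stand-in (a JSON document with a "variables" list of objects carrying "key", "value", "masked" and "hidden"); a real GitLab response differs, so adapt extract_variables() to the body you actually captured. The sample body is constructed and the token in it is not a real credential.

```python
"""Triage a captured 'save CI/CD variable' response for variable disclosure.

Added example, not GitLab code. The body shape is a constructed stand-in;
adapt extract_variables() to the real response you captured in the browser.
"""
import json

# Constructed sample: a response from a hypothetical vulnerable instance after the
# test user saved exactly one variable of their own, MY_TEST_VAR.
SAMPLE_RESPONSE = json.dumps({
    "variables": [
        {"key": "MY_TEST_VAR", "value": "hello", "masked": False, "hidden": False},
        {"key": "DEPLOY_TOKEN", "value": "EXAMPLE-NOT-A-REAL-TOKEN", "masked": True, "hidden": False},
        {"key": "SIGNING_KEY_B64", "value": "QUJDREVGRw==", "masked": True, "hidden": True},
        {"key": "PUBLIC_FLAG", "value": "1", "masked": False, "hidden": False},
    ]
})


def extract_variables(body: str) -> list[dict]:
    """Pull the variable objects out of a response body (constructed shape)."""
    doc = json.loads(body)
    return doc.get("variables", [])


def find_disclosed(body: str, created_keys: set[str]) -> list[dict]:
    """Return variables the test user did not create that arrived with a value.

    created_keys holds the keys the test user created during the reproduction.
    Every other variable that carries a non-empty value was disclosed; masked or
    hidden ones are the secrets the fix is meant to withhold, so they are tagged
    severity "secret", the rest "plain". Values are deliberately not returned,
    so the triage output never echoes a secret into a terminal or ticket.
    """
    findings = []
    for var in extract_variables(body):
        if var.get("key") in created_keys:
            continue
        value = var.get("value")
        if value in (None, ""):
            continue  # key listed without a value: not a value disclosure
        is_secret = bool(var.get("masked")) or bool(var.get("hidden"))
        findings.append({
            "key": var["key"],
            "severity": "secret" if is_secret else "plain",
            "masked": bool(var.get("masked")),
            "hidden": bool(var.get("hidden")),
        })
    return findings


def is_vulnerable_response(body: str, created_keys: set[str]) -> bool:
    """True when at least one masked or hidden foreign variable came back with a value."""
    return any(f["severity"] == "secret" for f in find_disclosed(body, created_keys))


if __name__ == "__main__":
    for f in find_disclosed(SAMPLE_RESPONSE, {"MY_TEST_VAR"}):
        print(f"{f['severity']:6} {f['key']} masked={f['masked']} hidden={f['hidden']}")
    print("vulnerable:", is_vulnerable_response(SAMPLE_RESPONSE, {"MY_TEST_VAR"}))
```

Paste the captured body into a file and feed it to find_disclosed() with the set of keys you created; an empty result on a patched instance and a "secret" finding on an unpatched one is the expected contrast. Rotate anything that appears in the "secret" list.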

Remediation

Users are advised to update to GitLab 17.10.7, 17.11.3, or 18.0.1, or a later release in the same series. Because disclosure may already have occurred on an instance that ran an affected version, consider rotating masked and hidden CI/CD variables after upgrading.
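To check an instance against the affected ranges, here is an added Python example (not GitLab's own tooling) that classifies a version string such as the one GitLab's /api/v4/version endpoint returns (for example "17.11.2-ee"; the "-ee"/"-ce" suffix is real). The ranges are taken from the advisory text above; the advisory gives no lower bound for "prior to 17.10.7", so the check treats every older release as affected. The sample inputs are constructed.

```python
"""Classify a GitLab version string against this advisory's affected ranges.

Added example, not GitLab tooling. Ranges per the advisory: all versions prior
to 17.10.7, 17.11 prior to 17.11.3, and 18.0 prior to 18.0.1 are affected.
"""
import re

# (series -> first fixed patch release in that series), per the advisory.
FIXED = {
    (17, 10): (17, 10, 7),
    (17, 11): (17, 11, 3),
    (18, 0): (18, 0, 1),
}
OLDEST_FIXED_SERIES = (17, 10)


def parse_version(s: str) -> tuple:
    """Parse 'MAJOR.MINOR.PATCH' with an optional 'v' prefix or '-ee'/'-ce'/'-rc' suffix."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", s)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {s!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(s: str) -> bool:
    """True if the version falls inside an affected range from the advisory."""
    v = parse_version(s)
    series = v[:2]
    if series in FIXED:
        return v < FIXED[series]
    # Series not listed explicitly: anything older than 17.10 is "prior to
    # 17.10.7" (the advisory states no lower bound); anything newer than 18.0
    # shipped with the fix.
    return series < OLDEST_FIXED_SERIES


def fixed_target(s: str) -> str:
    """Minimum release that carries the fix for the given version's series."""
    series = parse_version(s)[:2]
    if series in FIXED:
        target = FIXED[series]
    elif series < OLDEST_FIXED_SERIES:
        target = FIXED[OLDEST_FIXED_SERIES]  # oldest series with a backported fix
    else:
        return "not affected"
    return ".".join(str(n) for n in target)


if __name__ == "__main__":
    # Constructed sample inputs covering each branch of the ranges.
    for sample in ["16.11.0-ee", "17.10.6-ee", "17.10.7-ee", "17.11.2-ce",
                   "17.11.3-ce", "18.0.0-ee", "18.0.1-ee", "18.1.0-ee"]:
        status = "AFFECTED " if is_affected(sample) else "ok       "
        print(f"{status} {sample:12} -> {fixed_target(sample)}")
```

Feed it the string from `GET /api/v4/version` on each instance you manage; a boundary release such as 17.10.7 is reported as fixed, while the patch directly before it is reported as affected.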

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 7.3
impact: 2.5
exploitability: 5.6
remediation: 0.0
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.