CVE Daily

CVE-2025-0765

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 be...

Medium CVSS 4.3

Overview

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that could have allowed an unauthorized user to access custom service desk email addresses.

CWE: CWE-863 Published: 2025-07-24T07:15:52.397
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.3 (MEDIUM)
  • Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags