

Multiple Microsoft Windows Vulnerabilities
March 11, 2025
Multiple QNAP Products Vulnerabilities
March 11, 2025
Severity
Medium
Analysis Summary
CVE-2024-10925 CVSS:5.3
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by an improper authorization check.
CVE-2024-8186 CVSS:5.4
GitLab is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by self-hosted instances.
CVE-2025-0307 CVSS:4.3
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization.
Impact
- Information Disclosure
- Cross-site Scripting
Indicators of Compromise
CVE
CVE-2024-10925
CVE-2024-8186
CVE-2025-0307
Affected Vendors
- GitLab
Affected Products
- GitLab - 17.9
- GitLab - 17.8.3
- GitLab - 17.7.5
Remediation
Upgrade to the latest version of GitLab, available from the GitLab Website.