March 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
SvcStealer Malware Targeting Users to Extract Sensitive Data from Browsers and Applications – Active IOCs
March 24, 2025Critical Chrome Vulnerability Allows Attackers to Execute Arbitrary Code
March 24, 2025SvcStealer Malware Targeting Users to Extract Sensitive Data from Browsers and Applications – Active IOCs
March 24, 2025Critical Chrome Vulnerability Allows Attackers to Execute Arbitrary Code
March 24, 2025
Severity
Medium
Analysis Summary
CVE-2025-0652 CVSS:4.3
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by incorrect authorization.
CVE-2025-2045 CVSS:4.3
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization.
Impact
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-0652
CVE-2025-2045
Affected Vendors
- GitLab
Affected Products
- GitLab - 17.9
- GitLab - 16.9
- GitLab - 17.8
- GitLab - 17.7.0
Remediation
Upgrade to the latest version of GitLab, available from the GitLab Website.