CVE-2025-4979 – GitLab Information Disclosure Vulnerability

May 22, 2025

CVE ID : CVE-2025-4979

Published : May 22, 2025, 2:16 p.m. | 2 hours, 30 minutes ago

Description : An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5076 – FreeFloat FTP Server Buffer Overflow

Next Article CVE-2025-4575 – OpenSSL -addreject Option Truncation Vulnerability

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

I back up everything on this rugged 4TB SSD — here’s why I recommend it at 40% off

Token Limit – Monitor token usage in AI context files

Token Limit – Monitor token usage in AI context files

Perficient Named a 2025 Best Place to Work in Orange County!

Perficient Recognized by Leading Analyst Firm for Automotive and Mobility Expertise

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

My favorite “non-gaming” gaming accessory is down to its lowest price for Prime Day | XREAL’s AR glasses give you a virtual cinema screen for Xbox Cloud Gaming, Netflix, PC gaming handhelds, and more

I’ve been using this Alienware 240Hz gaming monitor for 2 years — less than $1 a day if I’d bought it with this Prime Day discount

Final Fantasy IX Remake possibly cancelled according to latest rumors — Which may be the saddest way to celebrate this legendary game’s 25th anniversary

CVE-2025-4979 – GitLab Information Disclosure Vulnerability

CVE-2025-20324 – Splunk Enterprise/Cloud Platform System Source Type Configuration Injection Vulnerability

CVE-2025-20325 – Splunk Enterprise and Cloud Platform Search Head Cluster Secret Key Exposure

AI agents will be ambient, but not autonomous – what that means for us

CVE-2025-6705 – Microsoft Azure DevOps Open-VSX Unauthorized Build Script Execution Vulnerability

CVE-2025-32887 – GoTenna Frequency Hopping Command Channel Interception Vulnerability

CVE-2025-6399 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Critical Vulnerability

Calibrate your Monitor with these Open Source Tools

CVE-2025-26783 – Samsung Mobile Processor, Wearable Processor, and Modem Exynos RRC Denial of Service Vulnerability

CVE-2025-48381 – CVAT Information Disclosure Vulnerability

I’ve been in tech for decades. Here are 10 ways my home lab keeps me sharp – and employable

CVE-2025-4979 – GitLab Information Disclosure Vulnerability

Related Posts