PT-2026-24905 · Gitlab
Published: 2026-03-12 · Updated: 2026-03-14
CVE-2026-1182
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
GitLab CE/EE versions 8.14 through 18.7.5
GitLab CE/EE versions 18.8 through 18.8.5
GitLab CE/EE versions 18.9 through 18.9.1
Description
GitLab has addressed an issue in GitLab Community Edition (CE) and Enterprise Edition (EE) that could allow an authenticated user to gain unauthorized access to the title of a confidential issue created in public projects under specific conditions. The issue involves improper handling of sensitive information.
Recommendations
GitLab versions 8.14 through 18.7.5 should be updated to version 18.7.6 or later.
GitLab versions 18.8 through 18.8.5 should be updated to version 18.8.6 or later.
GitLab versions 18.9 through 18.9.1 should be updated to version 18.9.2 or later.
Affected Products
Gitlab
Gitlab Ce/Ee