- Description
- An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users.
- Source
- cve@gitlab.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 4.4
- Impact score
- 2.7
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- cve@gitlab.com
- CWE-94
- Hype score
- Not currently trending
GitLab parchea vulnerabilidad en su asistente Duo que permitía robo de código (CVE-2025-2867) https://t.co/lIR8X2wacg #Internet #Noticia #Tecnología #CiberSeguridad #vulnerabilidad vía @unaaldia https://t.co/6Jn3ggB73H
@Securizame
25 May 2025
229 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
GitLab parchea vulnerabilidad en su asistente Duo que permitía robo de código (CVE-2025-2867) https://t.co/Bounb6PWE8
@escudata
24 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitLab parchea vulnerabilidad en su asistente Duo que permitía robo de código (CVE-2025-2867) https://t.co/Mwg3eo6l6f
@unaaldia
24 May 2025
449 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes