CVE-2025-4976 | GitLab Enterprise Edition up to 18.0.4/18.1.2/18.2.0 Duo Response exposure of sensitive information due to incompatible policies

A vulnerability classified as problematic was found in GitLab Enterprise Edition up to 18.0.4/18.1.2/18.2.0. Affected by this vulnerability is an unknown functionality of the component Duo Response Handler. The manipulation leads to exposure of sensitive information due to incompatible policies.

This vulnerability is known as CVE-2025-4976. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More