CVE-2025-14594

3.5 LOW

📋 TL;DR

This vulnerability lets authenticated users view certain pipeline values through API queries in affected GitLab versions. Every GitLab CE/EE instance running a vulnerable version is affected; the result is disclosure of pipeline data to authenticated users who are not authorized to see it.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: 17.11 through 18.6.5, 18.7 through 18.7.3, and 18.8 through 18.8.3 (all inclusive)
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with vulnerable versions are affected; requires authenticated user access.

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...

Learn more about Gitlab →


⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could access sensitive pipeline configuration data, secrets, or credentials stored in pipeline variables, leading to further system compromise.

🟠

Likely Case

Authenticated users with limited permissions could view pipeline variables they shouldn't have access to, potentially exposing internal configuration details or non-critical secrets.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to information disclosure of non-critical pipeline data to authenticated users.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an authenticated account and knowledge of the relevant API queries; the details are in the HackerOne report.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 18.6.6, 18.7.4, or 18.8.4

Vendor Advisory: https://about.gitlab.com/releases/2026/02/10/patch-release-gitlab-18-8-4-released/

Restart Required: Yes

Instructions:

1. Back up the instance before upgrading.
2. Upgrade to the patched release on your current line (18.6.6, 18.7.4 or 18.8.4): the Omnibus package via apt/yum, or the matching Helm chart or Docker image for those deployment types.
3. Restart GitLab services if the upgrade did not do so itself (the Omnibus package upgrade reconfigures and restarts; otherwise use sudo gitlab-ctl restart).
4. Confirm the new version with sudo gitlab-rake gitlab:env:info.

🔧 Temporary Workarounds

Restrict API Access (all platforms)

Reduce who can issue the queries: allowlist the networks that may reach the API at the firewall or reverse proxy, and keep project membership and roles to the minimum required. This shrinks the pool of authenticated users who can reach the affected endpoints but does not remove the flaw.

Audit Pipeline Variables (all platforms)

Review CI/CD and pipeline variables for secrets, rotate any that a lower-privileged member could have read, and move long-lived credentials to an external secret manager so that a disclosed variable value is not itself a usable credential.

🧯 If You Can't Patch

  • Implement strict access controls to limit authenticated user permissions.
  • Monitor the API log (api_json.log on Omnibus) for unusual pipeline query patterns per user and alert on them.

🔍 How to Verify

Check if Vulnerable:

Read the running version on an Omnibus install; gitlab:env:info prints it as the Version line of its "GitLab information" section:

sudo gitlab-rake gitlab:env:info | grep -A 2 'GitLab information'

The instance is vulnerable if the reported version is 17.11.0 through 18.6.5, 18.7.0 through 18.7.3, or 18.8.0 through 18.8.3. Enterprise Edition builds report the version with an -ee suffix (for example 18.6.5-ee); the suffix does not change the comparison. Administrators can also read the version from the Admin Area dashboard.

Verify Fix Applied:

Run the same command after upgrading and confirm the version is 18.6.6, 18.7.4, or 18.8.4 (or a later patch release on the same line).
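Version strings from gitlab:env:info or the authenticated GET /api/v4/version endpoint carry an -ee or -ce suffix and have to be compared against three separate backport lines, which is easy to get wrong by eye across a fleet. The following Python is an added example, not GitLab tooling: it parses such a string and checks it against the ranges listed on this page. Treating release lines outside those ranges (before 17.11, or 18.9 and later) as unaffected is an assumption of the example, not a statement from the advisory.

```python
"""Compare a GitLab version string against the CVE-2025-14594 affected ranges.

Added example, not GitLab tooling. Ranges and fixed versions are taken from
the advisory summary on this page. Assumption: release lines outside the
listed ranges (before 17.11, or 18.9 and later) are treated as not affected.
"""
import re
import sys

# (first affected, first fixed) per release line, as listed on this page.
AFFECTED_RANGES = [
    ((17, 11, 0), (18, 6, 6)),  # 17.11 through 18.6.5, fixed in 18.6.6
    ((18, 7, 0), (18, 7, 4)),   # 18.7 through 18.7.3, fixed in 18.7.4
    ((18, 8, 0), (18, 8, 4)),   # 18.8 through 18.8.3, fixed in 18.8.4
]

# Matches "18.6.5", "18.6.5-ee", "Version: 18.7.3-ce" or "18.8" (patch optional).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text):
    """Return (major, minor, patch) from a version string or a log line that
    contains one. Edition suffixes (-ee, -ce) and any leading label are ignored."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no version number found in {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def required_fix(version_text):
    """Return the first fixed release on the version's line, or None if the
    version is already patched or outside the affected ranges."""
    v = parse_version(version_text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= v < first_fixed:
            return ".".join(str(n) for n in first_fixed)
    return None


def is_vulnerable(version_text):
    """True if the version falls inside an affected range below its fix."""
    return required_fix(version_text) is not None


if __name__ == "__main__":
    # Pipe in the Version line from gitlab:env:info, the JSON from
    # /api/v4/version, or bare version strings, one per line.
    for line in sys.stdin:
        if _VERSION_RE.search(line) is None:
            continue
        fix = required_fix(line)
        status = f"VULNERABLE, upgrade to {fix}" if fix else "not in an affected range"
        print(f"{line.strip()}: {status}")
```

Feed it only the GitLab version line; other lines of gitlab:env:info (Ruby, Redis, Sidekiq) also contain dotted version numbers and would be classified as "not in an affected range", which is meaningless for them.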

📡 Detection & Monitoring

Log Indicators:

  • Bursts of GET requests to /api/v4/projects/:id/pipelines and its sub-resources (for example /api/v4/projects/:id/pipelines/:pipeline_id/variables) from one account, especially spanning many projects or projects where that account holds only a low role
  • 403 responses on those endpoints interleaved with 200s from the same account, the pattern of a user probing which pipelines it can partly read
  • Pipeline queries from an account or token that has never used the CI API before

Network Indicators:

  • Increased API traffic to /api/v4/projects/*/pipelines endpoints (visible at the reverse proxy or load balancer; the request path and username are easier to read from GitLab's api_json.log)

SIEM Query:

source="gitlab" AND method="GET" AND uri_path="/api/v4/projects/*/pipelines*"

Group the results by username and count distinct project IDs and 403 responses. GitLab Shell's calls go to /api/v4/internal and do not match this path, so no user-agent exclusion is needed. Field names follow this page's generic schema; in api_json.log the equivalents are method, path, status and username.
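A SIEM query only lists matching requests; the useful signal is the per-user shape of the traffic. The following Python is an added example, not GitLab code and not part of this page's query: it reads api_json.log-style JSON lines and flags accounts that touch pipelines in many projects, read many pipeline variables, or collect 403s while doing so. The log lines are constructed for the demo and use only fields api_json.log carries (time, method, path, status, username, remote_ip); the thresholds are assumptions to tune per environment.

```python
"""Per-user anomaly check for pipeline API access in GitLab api_json.log.

Added example, not GitLab code. SAMPLE_LOG is constructed for the demo;
the field names match api_json.log, the threshold values are assumptions.
"""
import json
import re
from collections import defaultdict

# Pipeline routes under /api/v4/projects/:id/... ; the optional trailing
# group captures sub-resources such as "7/variables".
PIPELINE_PATH = re.compile(
    r"^/api/v4/projects/(?P<project>[^/]+)/pipelines(?:/(?P<rest>.*))?$"
)

# Constructed sample: alice browses one project, mallory sweeps variables
# across several projects and hits a 403 on one she cannot read, bob is noise.
SAMPLE_LOG = """\
{"time":"2026-02-11T09:00:01.000Z","method":"GET","path":"/api/v4/projects/42/pipelines","status":200,"username":"alice","remote_ip":"10.0.0.5"}
{"time":"2026-02-11T09:00:02.000Z","method":"GET","path":"/api/v4/projects/42/pipelines/7/variables","status":200,"username":"alice","remote_ip":"10.0.0.5"}
{"time":"2026-02-11T09:00:03.000Z","method":"GET","path":"/api/v4/projects/43/pipelines/8/variables","status":200,"username":"mallory","remote_ip":"198.51.100.7"}
{"time":"2026-02-11T09:00:03.100Z","method":"GET","path":"/api/v4/projects/44/pipelines/9/variables","status":200,"username":"mallory","remote_ip":"198.51.100.7"}
{"time":"2026-02-11T09:00:03.200Z","method":"GET","path":"/api/v4/projects/45/pipelines/10/variables","status":403,"username":"mallory","remote_ip":"198.51.100.7"}
{"time":"2026-02-11T09:00:03.300Z","method":"GET","path":"/api/v4/projects/46/pipelines/11/variables","status":200,"username":"mallory","remote_ip":"198.51.100.7"}
{"time":"2026-02-11T09:00:04.000Z","method":"GET","path":"/api/v4/projects/42/merge_requests","status":200,"username":"bob","remote_ip":"10.0.0.9"}
"""


def pipeline_requests(log_text):
    """Yield (username, remote_ip, project_id, sub_resource, status) for every
    pipeline API request in the log; lines for other routes are skipped."""
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        m = PIPELINE_PATH.match(rec.get("path", ""))
        if m is None:
            continue
        yield (rec.get("username"), rec.get("remote_ip"),
               m.group("project"), m.group("rest") or "", rec.get("status"))


def suspicious_users(log_text, max_projects=3, max_requests=10,
                     max_variable_reads=3):
    """Aggregate pipeline requests per user and return {username: [reasons]}
    for users who cross a threshold or receive any 403 on these routes."""
    stats = defaultdict(lambda: {"projects": set(), "requests": 0,
                                 "variable_reads": 0, "forbidden": 0})
    for user, _ip, project, rest, status in pipeline_requests(log_text):
        s = stats[user]
        s["projects"].add(project)
        s["requests"] += 1
        if rest.endswith("/variables"):
            s["variable_reads"] += 1
        if status == 403:
            s["forbidden"] += 1

    flagged = {}
    for user, s in stats.items():
        reasons = []
        if len(s["projects"]) >= max_projects:
            reasons.append(f"projects touched: {len(s['projects'])}")
        if s["requests"] >= max_requests:
            reasons.append(f"pipeline requests: {s['requests']}")
        if s["variable_reads"] >= max_variable_reads:
            reasons.append(f"variable reads: {s['variable_reads']}")
        if s["forbidden"]:
            reasons.append(f"403 responses: {s['forbidden']}")
        if reasons:
            flagged[user] = reasons
    return flagged


if __name__ == "__main__":
    for user, reasons in suspicious_users(SAMPLE_LOG).items():
        print(user, "->", "; ".join(reasons))
```

In production, run this over a sliding window (for example 10 minutes of api_json.log) and join the flagged usernames against project membership, since a Guest or Reporter reading pipeline variables in many projects is the case this CVE makes possible.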
