CNNVD-202507-3521 Information

CNNVD ID

CNNVD-202507-3521

Related CVE

CVE-2025-8279

• CNNVD Published: 2025-07-28

Description (Chinese)

GitLab Language Server是美国GitLab公司的一个语言服务器。 GitLab Language Server 7.6.0至7.30.0之前版本存在访问控制错误漏洞，该漏洞源于输入验证不足，可能导致任意GraphQL查询执行。

Description (English)

GitLab Language Server is a language server of the United States company GitLab. Prior to GitLab Language Server 7.6.0 to 7.3.0, there was a bug in access control, which stemmed from a lack of input validation, which could lead to the execution of any GraphQL queries.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

GitLab

Published

2025-07-28

Last Modified

2026-02-24

References

https://gitlab.com/gitlab-org/gitlab/-/issues/538205 https://access.redhat.com/security/cve/cve-2025-8279

Patch

https://gitlab.com/