8.1

GitLab: Unauthorized Access to Jira Connect Credentials

CVE-2026-2370
Summary

A security issue has been fixed in GitLab that could allow a user with limited permissions to access Jira Connect credentials. This could lead to unauthorized access to your Jira account. Update GitLab to a fixed release (18.8.7, 18.9.3, 18.10.1, or later) to ensure your Jira connection is secure.

Original title
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allo...
Original description
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app due to improper authorization checks.
NVD CVSS 3.1: 8.1
Vulnerability type
CWE-233
Published: 30 Mar 2026 · Updated: 30 Mar 2026 · First seen: 30 Mar 2026