VYPR
Unrated severityNVD Advisory· Published Feb 12, 2025· Updated Feb 12, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab

CVE-2025-1212

Description

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information.

Affected products

236

Patches

Vulnerability mechanics

References

1

News mentions

1