CVE Daily

CVE-2025-1212

An information disclosure vulnerability in GitLab CE/EE affecting all versions f...

Medium CVSS 4.3

Overview

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information.

CWE: CWE-497 Published: 2025-02-12T15:15:18.290
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.3 (MEDIUM)
  • Detected tags: info_leak (tag impact: LOW)

Recommended actions:

  • Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Recommended tools

Tags