Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-5101

Опубликовано: 27 авг. 2025
Источник: nvd
CVSS3: 5
EPSS Низкий

Описание

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that under certain conditions could have allowed an authenticated attacker to distribute malicious code that appears harmless in the web interface by taking advantage of ambiguity between branches and tags during repository imports.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия до 18.1.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия до 18.1.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия от 18.2.0 (включая) до 18.2.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 18.2.0 (включая) до 18.2.5 (исключая)
cpe:2.3:a:gitlab:gitlab:18.3.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:18.3.0:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 3%
0.00019
Низкий

5 Medium

CVSS3

Дефекты

CWE-94

Связанные уязвимости

debian логотип

CVE-2025-5101

CVSS3: 5
debian
21 день назад

An issue has been discovered in GitLab CE/EE affecting all versions be ...

github логотип

GHSA-3c57-hg33-rhrp

CVSS3: 5
github
21 день назад

An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that under certain conditions could have allowed an authenticated attacker to distribute malicious code that appears harmless in the web interface by taking advantage of ambiguity between branches and tags during repository imports.

EPSS

Процентиль: 3%
0.00019
Низкий

5 Medium

CVSS3

Дефекты

CWE-94