CVE-2025-1212

Medium

Published: 12 February 2025

Published

12 February 2025

Modified

06 August 2025

KEV Added

—

Patch

—

CVSS Score 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS Score 0.0005 16.1th percentile

Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1212 is a medium-severity Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) vulnerability in Gitlab Gitlab. Its CVSS base score is 4.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Code Repositories (T1213.003); ranked at the 16.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Threat & Defense at a Glance

What attackers do: exploitation maps to Code Repositories (T1213.003). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Timely flaw remediation through patching directly prevents exploitation of this information disclosure vulnerability as recommended by upgrading GitLab to fixed versions.

SI-10 Information Input Validation good match

prevent

Validating information inputs rejects crafted requests that could trigger the backend server to disclose sensitive information.

SI-15 Information Output Filtering good match

prevent

Filtering information outputs prevents the exposure of sensitive data in responses to low-privileged users' crafted requests.

MITRE ATT&CK Enterprise TechniquesAI

T1213.003 Code Repositories Collection

Adversaries may leverage code repositories to collect valuable information.

attack.mitre.org →

Why these techniques?

Direct info disclosure from GitLab code repository via crafted request enables T1213.003.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information.

Deeper analysisAI

CVE-2025-1212 is an information disclosure vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE), affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. The issue enables an attacker to send a crafted request to a backend server, resulting in the exposure of sensitive information. It is associated with CWE-497 and carries a CVSS v3.1 base score of 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

The vulnerability can be exploited by a low-privileged authenticated user over the network with low attack complexity and no requirement for user interaction. Successful exploitation achieves a low-impact disclosure of confidential information without impacting integrity or availability.

Mitigation is available by upgrading to GitLab 17.6.5, 17.7.4, 17.8.2, or later versions. Further details on the issue and resolution are provided in the GitLab security advisory at https://gitlab.com/gitlab-org/gitlab/-/issues/502196.

Details

CWE(s): CWE-497 NVD-CWE-noinfo

Affected Products

gitlab

8.3.0 — 17.6.5 · 8.3.0 — 17.6.5 · 17.7.0 — 17.7.4

CVEs Like This One

CVE-2025-1042Same product: Gitlab Gitlab

CVE-2025-8099Same product: Gitlab Gitlab

CVE-2026-5173Same product: Gitlab Gitlab

CVE-2026-1092Same product: Gitlab Gitlab

CVE-2026-2745Same product: Gitlab Gitlab

CVE-2025-13928Same product: Gitlab Gitlab

CVE-2025-0376Same product: Gitlab Gitlab

CVE-2025-12664Same product: Gitlab Gitlab

CVE-2026-3988Same product: Gitlab Gitlab

CVE-2025-14513Same product: Gitlab Gitlab

References

https://gitlab.com/gitlab-org/gitlab/-/issues/502196
Broken Link · cve@gitlab.com