CVE-2025-12073 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 Git Repository Import server-side request forgery

Inserito da Angelo Barbosa | Feb 11, 2026 | CVE

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 18.6.5/18.7.3/18.8.3 and classified as critical. Affected by this issue is some unknown functionality of the component Git Repository Import. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-12073. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2025-12073 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 Git Repository Import server-side request forgery

Post correlati

CVE-2025-24784 | kubewarden-controller up to 1.20.x improper authorization (GHSA-756x-m4mj-q96c)

CVE-2024-13369 | GoodLayers Tour Master Plugin up to 5.3.6 on WordPress sql injection

CVE-2024-2742 | Planet IGS-4215-16T2S 1.305b210528 IP Address os command injection

CVE-2024-2119 | LuckyWP Table of Contents Plugin up to 2.1.4 on WordPress cross site scripting