CVE-2025-0194 | GitLab Community Edition/Enterprise Edition up to 17.5.0/17.6.0/17.7.0 API Request file information disclosure (Issue 489459)

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 17.5.0/17.6.0/17.7.0. This issue affects some unknown processing of the component API Request Handler. The manipulation leads to file and directory information exposure.

The identification of this vulnerability is CVE-2025-0194. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0194 | GitLab Community Edition/Enterprise Edition up to 17.5.0/17.6.0/17.7.0 API Request file information disclosure (Issue 489459)

Related Posts

CVE-2024-41514 | CADClick up to 1.11.0 PrevPgGroup.aspx wer cross site scripting

CVE-2023-41075 | Apple iOS/iPadOS type confusion

CVE-2024-47104 | IBM i 7.4/7.5 Physical File Security Attributes permission assignment

CVE-2024-7314 | anji-plus AJ-Report up to 1.4.0 HTTP Request /swagger-ui insufficient permissions or privileges