{"vulnerability": "CVE-2025-1257", "sightings": [{"uuid": "2102bff2-10ef-4724-b1d8-35d66e1a51da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12571", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m6l2dqyroe2a", "content": "", "creation_timestamp": "2025-11-26T23:51:33.475937Z"}, {"uuid": "fc53a81a-0576-41d9-82f2-fb7c8d9acd0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1257", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "a8bf3d1b-bd66-4e41-9bb0-7a374c3689c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12571", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1ccb44bf-a9c4c3feac15ed01", "content": "", "creation_timestamp": "2025-11-29T09:22:55.749681Z"}, {"uuid": "718f7441-14c2-48a5-9ea0-4d5b11f9a662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12571", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3m6mmc2leh72h", "content": "", "creation_timestamp": "2025-11-27T14:45:23.561026Z"}, {"uuid": "088c80ba-e236-48ab-9ea9-c1616c802fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12575", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3melmweqeno2j", "content": "", "creation_timestamp": "2026-02-11T13:55:15.611601Z"}, {"uuid": "7e87e89a-6f82-4597-9b77-213c6eb4f60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12570", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7rkri4as322", "content": "", "creation_timestamp": "2025-12-12T07:26:43.582394Z"}, {"uuid": "6b0d6eac-32c1-4112-ae3b-05a41efdd19f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12570", "type": "seen", "source": "https://gist.github.com/Darkcrai86/dd3ba4afb5fc1bcdb26fcc5ae6cc130a", "content": "", "creation_timestamp": "2025-12-12T08:11:52.000000Z"}, {"uuid": "d142a435-a981-415e-b4fa-af4cd25a05d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12570", "type": "seen", "source": "https://gist.github.com/Darkcrai86/6809d59e952403d7af05efdc426e2f1d", "content": "", "creation_timestamp": "2025-12-12T09:40:21.000000Z"}, {"uuid": "2b7a3f4e-3191-48aa-825e-505a7e8bd186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12576", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mgull4qogo2n", "content": "", "creation_timestamp": "2026-03-12T14:15:24.804064Z"}, {"uuid": "76b268c6-881f-47fd-b410-da3e3892600e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12573", "type": "seen", "source": "https://gist.github.com/Darkcrai86/c186eb7957a52a903a57b3cb6094d4b5", "content": "", "creation_timestamp": "2026-01-20T07:27:07.000000Z"}, {"uuid": "4bb98635-2575-4be7-8810-c60b96f6efe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-12573", "type": "seen", "source": "https://gist.github.com/Darkcrai86/522b534048f7308a730105dbd6beab97", "content": "", "creation_timestamp": "2026-01-20T07:47:15.000000Z"}, {"uuid": "60050a49-19fe-4baa-ac64-6c6c07b2dac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-12576", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities_20260313", "content": "", "creation_timestamp": "2026-03-12T16:00:00.000000Z"}, {"uuid": "a00fd2ac-dfd3-4c1a-8a67-c3f2fafdf5c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1257", "type": "seen", "source": "https://t.me/cvedetector/20194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1257 - GitLab API Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1257 \nPublished : March 13, 2025, 6:15 a.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition by manipulating specific API inputs. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T08:55:43.000000Z"}, {"uuid": "d8e29be5-8378-4045-9de0-c8862ff279b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1257", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7572", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1257\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An issue was discovered in GitLab EE affecting all versions starting with 12.3 before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition by manipulating specific API inputs.\n\ud83d\udccf Published: 2025-03-13T06:00:36.063Z\n\ud83d\udccf Modified: 2025-03-14T13:44:11.141Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/519348\n2. https://hackerone.com/reports/2984218", "creation_timestamp": "2025-03-14T14:45:32.000000Z"}, {"uuid": "9ad72fd4-b5d5-4ad6-868f-787b23a7795f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1257", "type": "seen", "source": "https://t.me/YAH_Channel/967", "content": "\u041f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043f\u0440\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 GitLab\n\u041a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u0443 \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0447\u0430\u0441\u0442\u0435\u043d\u044c\u043a\u043e \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 GitLab \u0432 \u043f\u0430\u0431\u043b\u0438\u043a. \u0414\u0430 \u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0435\u0433\u043e... \n\n\u042d\u0442\u043e \u0443\u0434\u043e\u0431\u043d\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0443, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043a\u043e\u0433\u0434\u0430 \u0435\u0441\u0442\u044c \u043a\u0443\u0447\u0430 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u043e\u0432. \u041a\u043e\u043c\u0444\u043e\u0440\u0442\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441, web-\u0445\u0443\u043a\u0438, CI-\u0432\u0438\u0434\u0436\u0435\u0442\u044b, \u0432\u0441\u0451 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438\u0437 \u043a\u043e\u0440\u043e\u0431\u043a\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0442\u043e\u0442 \u0436\u0435 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0432\u044b\u043c, \u0447\u0442\u043e \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u043a\u0430\u043d\u0435\u0440\u044b \u0442\u0438\u043f\u0430 Shodan \u0438 Censys. \u0414\u0430\u043b\u044c\u0448\u0435 \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0443\u0435\u043c\u043e.\n\n\u041a\u0430\u043a \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f\n1. \u041e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438\n\u0412 \u043d\u043e\u0432\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0435\u0435 \u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442, \u043d\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u043d\u0430 help \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043e\u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430. GitLab \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u043a\u0430\u043a\u043e\u0439 \u043f\u0430\u0442\u0447 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b\u0441\u044f \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0440\u0430\u0437. \u0415\u0441\u043b\u0438 \u0432\u0435\u0440\u0441\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u043b\u0430, \u0441\u043f\u0438\u0441\u043e\u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 CVE \u0443\u0436\u0435 \u0433\u043e\u0442\u043e\u0432.\n2. Remote Code Execution\n\u0414\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2025-1257, CVE-2022-2884 \u0438 \u0442. \u0434.) \u0434\u0430\u0432\u043d\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0441\u043a\u0440\u0438\u043f\u0442\u044b-\u043f\u043b\u0435\u0439\u0431\u0443\u043a\u0438. \u0412\u0440\u0435\u043c\u044f \u043e\u0442 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0431\u0430\u043d\u043d\u0435\u0440\u0430 \u0434\u043e shell \u2014 \u043c\u0438\u043d\u0443\u0442\u044b.\n3. \u0414\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c \u0438 Runner-\u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 RCE \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0432 gitlab variables, CI-\u0442\u043e\u043a\u0435\u043d\u044b, deploy-keys, \u0430 \u043d\u0435\u0440\u0435\u0434\u043a\u043e \u0438 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0432 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u0430\u0445.\n4. \u0420\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0432\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438\n\u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u043e\u043a\u0435\u043d\u043e\u0432 CI/CD \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u0442 \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 \u043f\u0430\u0439\u043f\u043b\u0430\u0439\u043d\u0430\u0445, \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0440\u043e\u0434-\u0441\u0435\u0440\u0432\u0435\u0440\u0443, \u0430 \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0438\u043b\u0438 \u0442\u0438\u0445\u0443\u044e \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u043a\u043e\u0434\u0430.\n5. Supply-chain-\u044d\u0444\u0444\u0435\u043a\u0442\n\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c, \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u0430\u043c, \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u2014 \u0443\u0449\u0435\u0440\u0431 \u0432\u044b\u0445\u043e\u0434\u0438\u0442 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043e\u0434\u043d\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u041f\u043e\u0447\u0435\u043c\u0443 \u0440\u0438\u0441\u043a \u043d\u0435\u0434\u043e\u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\n- GitLab \u0432\u043e\u0441\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0432\u0442\u043e\u0440\u0430\u044f Jira. \u041f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u043d\u0443\u0442\u0440\u0438 \u0447\u0430\u0441\u0442\u043e \u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u0434\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0434\u043e\u0441\u0442\u0443\u043f\u044b \u043a Kubernetes, Ansible playbooks \u0438 \u0442\u043e\u043a\u0435\u043d\u044b \u043e\u0431\u043b\u0430\u043a\u0430.\n- \u0421\u0435\u0440\u0432\u0438\u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u0434\u043a\u043e: \u043c\u0430\u0436\u043e\u0440\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0442\u0435\u0441\u0442\u043e\u0432, \u0440\u0430\u043d\u043d\u0435\u0440\u043e\u0432 \u0438 \u0438\u043d\u043e\u0433\u0434\u0430 \u0434\u0430\u0443\u043d\u0442\u0430\u0439\u043c\u0430. \u041f\u0430\u0442\u0447\u0438 \u043e\u0442\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e\u0442\n- \u00ab\u041d\u0443 \u0438 \u0447\u0442\u043e, \u0443 GitLab \u0436\u0435 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f\u00bb \u2014 \u0434\u0430, \u043d\u043e \u0431\u0435\u0437 MFA \u0438 VPN \u043e\u043d\u0430 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u0430 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438\u043b\u0438 \u0444\u0438\u0448\u0438\u043d\u0433\u0430.\n\n\u0427\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c\n1. GitLab \u0441\u043f\u0440\u044f\u0442\u0430\u0442\u044c \u0437\u0430 VPN; \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u2014 reverse proxy \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432\n2. \u0417\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0442\u043e\u043a\u0435\u043d\u044b: \u0440\u043e\u0442\u0430\u0446\u0438\u044f \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432; \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 deploy-keys \u0432\u043d\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\n3. \u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f. \u0418\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0430\u043f gitlab-backup; \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u0441\u0442\u0435\u043d\u0434\u0435.", "creation_timestamp": "2025-07-15T17:19:41.000000Z"}]}