Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-25291 (GCVE-0-2025-25291)
Vulnerability from cvelistv5 – Published: 2025-03-12 20:16 – Updated: 2025-11-03 19:44
VLAI?
EPSS
Title
ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
Summary
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.
Severity ?
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://github.com/SAML-Toolkits/ruby-saml/securi… | x_refsource_CONFIRM |
| https://github.com/omniauth/omniauth-saml/securit… | x_refsource_MISC |
| https://github.com/SAML-Toolkits/ruby-saml/commit… | x_refsource_MISC |
| https://github.com/SAML-Toolkits/ruby-saml/commit… | x_refsource_MISC |
| https://about.gitlab.com/releases/2025/03/12/patc… | x_refsource_MISC |
| https://github.blog/security/sign-in-as-anyone-by… | x_refsource_MISC |
| https://github.com/SAML-Toolkits/ruby-saml/releas… | x_refsource_MISC |
| https://github.com/SAML-Toolkits/ruby-saml/releas… | x_refsource_MISC |
| https://portswigger.net/research/saml-roulette-th… | x_refsource_MISC |
| https://securitylab.github.com/advisories/GHSL-20… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SAML-Toolkits | ruby-saml |
Affected:
< 1.12.4
Affected: >= 1.13.0, < 1.18.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25291",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T20:06:31.066662Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T20:06:50.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:44:59.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250314-0010/"
},
{
"url": "https://news.ycombinator.com/item?id=43374519"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ruby-saml",
"vendor": "SAML-Toolkits",
"versions": [
{
"status": "affected",
"version": "\u003c 1.12.4"
},
{
"status": "affected",
"version": "\u003e= 1.13.0, \u003c 1.18.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436: Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T19:07:07.030Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm"
},
{
"name": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv"
},
{
"name": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9"
},
{
"name": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97"
},
{
"name": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released",
"tags": [
"x_refsource_MISC"
],
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released"
},
{
"name": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials"
},
{
"name": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4"
},
{
"name": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0"
},
{
"name": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins",
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins"
},
{
"name": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml",
"tags": [
"x_refsource_MISC"
],
"url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml"
}
],
"source": {
"advisory": "GHSA-4vc4-m8qh-g8jm",
"discovery": "UNKNOWN"
},
"title": "ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-25291",
"datePublished": "2025-03-12T20:16:12.181Z",
"dateReserved": "2025-02-06T17:13:33.122Z",
"dateUpdated": "2025-11-03T19:44:59.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-25291",
"date": "2026-05-24",
"epss": "0.20843",
"percentile": "0.95694"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-25291\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-03-12T21:15:42.000\",\"lastModified\":\"2025-11-03T20:17:58.333\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.\"},{\"lang\":\"es\",\"value\":\"ruby-saml proporciona inicio de sesi\u00f3n \u00fanico (SSO) con lenguaje de marcado para aserciones de seguridad (SAML) para Ruby. Se detect\u00f3 una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en ruby-saml anterior a las versiones 1.12.4 y 1.18.0 debido a una diferencia en el analizador. ReXML y Nokogiri analizan XML de forma diferente; los analizadores pueden generar estructuras de documento completamente distintas a partir de la misma entrada XML. Esto permite a un atacante ejecutar un ataque de envoltura de firma. Este problema puede provocar la omisi\u00f3n de autenticaci\u00f3n. Las versiones 1.12.4 y 1.18.0 solucionan el problema.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"},{\"lang\":\"en\",\"value\":\"CWE-436\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"1.10.6\",\"matchCriteriaId\":\"AB57A4CB-E546-42D7-AB8D-D86E979C80C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.1.3\",\"matchCriteriaId\":\"58E37D56-71A9-417D-B0DD-EBDC2EA3855F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.3\",\"matchCriteriaId\":\"9549FF35-D7A0-446A-87C8-552C8D89CD92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.12.4\",\"matchCriteriaId\":\"EB0F9A57-0F32-4ECC-97B4-1F87DD7D7FD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13.0\",\"versionEndExcluding\":\"1.18.0\",\"matchCriteriaId\":\"455E8699-D6C2-4BFF-B4FD-2329E0F1E910\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ADFF451-740F-4DBA-BD23-3881945D3E40\"}]}]}],\"references\":[{\"url\":\"https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://portswigger.net/research/saml-roulette-the-hacker-always-wins\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://news.ycombinator.com/item?id=43374519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250314-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250314-0010/\"}, {\"url\": \"https://news.ycombinator.com/item?id=43374519\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-03-15T20:47:03.479Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-25291\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-03T20:06:31.066662Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-12T20:37:07.138Z\"}}], \"cna\": {\"title\": \"ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)\", \"source\": {\"advisory\": \"GHSA-4vc4-m8qh-g8jm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"SAML-Toolkits\", \"product\": \"ruby-saml\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.12.4\"}, {\"status\": \"affected\", \"version\": \"\u003e= 1.13.0, \u003c 1.18.0\"}]}], \"references\": [{\"url\": \"https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm\", \"name\": \"https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv\", \"name\": \"https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9\", \"name\": \"https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97\", \"name\": \"https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released\", \"name\": \"https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\", \"name\": \"https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4\", \"name\": \"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0\", \"name\": \"https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://portswigger.net/research/saml-roulette-the-hacker-always-wins\", \"name\": \"https://portswigger.net/research/saml-roulette-the-hacker-always-wins\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml\", \"name\": \"https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"CWE-347: Improper Verification of Cryptographic Signature\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-436\", \"description\": \"CWE-436: Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-09-12T19:07:07.030Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-25291\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-12T19:07:07.030Z\", \"dateReserved\": \"2025-02-06T17:13:33.122Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-03-12T20:16:12.181Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0205
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.7.x antérieures à 17.7.7 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.8.x antérieures à 17.8.5 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.9.x antérieures à 17.9.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.7.x ant\u00e9rieures \u00e0 17.7.7",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.8.x ant\u00e9rieures \u00e0 17.8.5",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.9.x ant\u00e9rieures \u00e0 17.9.2",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12380"
},
{
"name": "CVE-2025-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27407"
},
{
"name": "CVE-2024-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13054"
},
{
"name": "CVE-2025-0652",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0652"
},
{
"name": "CVE-2025-25291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25291"
},
{
"name": "CVE-2025-1257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1257"
},
{
"name": "CVE-2024-8402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8402"
},
{
"name": "CVE-2025-25292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25292"
},
{
"name": "CVE-2024-7296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7296"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0205",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans GitLab. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans GitLab",
"vendor_advisories": [
{
"published_at": "2025-03-12",
"title": "Bulletin de s\u00e9curit\u00e9 GitLab",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/"
}
]
}
CERTFR-2025-AVI-0205
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.7.x antérieures à 17.7.7 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.8.x antérieures à 17.8.5 | ||
| GitLab | GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE) | GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.9.x antérieures à 17.9.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.7.x ant\u00e9rieures \u00e0 17.7.7",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.8.x ant\u00e9rieures \u00e0 17.8.5",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
},
{
"description": "GitLab Community Edition (CE) et Enterprise Edition (EE) versions 17.9.x ant\u00e9rieures \u00e0 17.9.2",
"product": {
"name": "GitLab Community Edition (CE) et Gitlab Enterprise Edition (EE)",
"vendor": {
"name": "GitLab",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12380"
},
{
"name": "CVE-2025-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27407"
},
{
"name": "CVE-2024-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13054"
},
{
"name": "CVE-2025-0652",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0652"
},
{
"name": "CVE-2025-25291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25291"
},
{
"name": "CVE-2025-1257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1257"
},
{
"name": "CVE-2024-8402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8402"
},
{
"name": "CVE-2025-25292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25292"
},
{
"name": "CVE-2024-7296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7296"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0205",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans GitLab. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans GitLab",
"vendor_advisories": [
{
"published_at": "2025-03-12",
"title": "Bulletin de s\u00e9curit\u00e9 GitLab",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/"
}
]
}
BDU:2025-02818
Vulnerability from fstec - Published: 12.03.2025
VLAI Severity ?
Title
Уязвимость протокола единого входа SAML SSO библиотеки Ruby SAML и программной платформы на базе git для совместной работы над кодом GitLab CE/EE, позволяющая нарушителю обойти аутентификацию
Description
Уязвимость протокола единого входа SAML SSO библиотеки Ruby SAML и программной платформы на базе git для совместной работы над кодом GitLab CE/EE связана с ошибками проверки криптографической подписи. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти аутентификацию
Severity ?
Vendor
Сообщество свободного программного обеспечения, Ruby Team, GitLab Inc.
Software Name
Debian GNU/Linux, Ruby SAML, Omniauth SAML, Gitlab
Software Version
11 (Debian GNU/Linux), 12 (Debian GNU/Linux), от 1.13.0 до 1.18.0 (Ruby SAML), до 1.12.4 (Ruby SAML), до 2.2.3 (Omniauth SAML), до 2.1.3 (Omniauth SAML), до 1.10.6 (Omniauth SAML), до 17.7.7 (Gitlab), до 17.8.5 (Gitlab), до 17.9.2 (Gitlab)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для GitLab CE/EE:
https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/
Для Ruby-saml:
https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials
https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9
https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97
https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4
https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0
https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2
https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2025-25291
Reference
https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released
https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials
https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9
https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97
https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4
https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0
https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2
https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv
https://security-tracker.debian.org/tracker/CVE-2025-25291
CWE
CWE-347, CWE-436
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"CVSS 4.0": "AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Ruby Team, GitLab Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), \u043e\u0442 1.13.0 \u0434\u043e 1.18.0 (Ruby SAML), \u0434\u043e 1.12.4 (Ruby SAML), \u0434\u043e 2.2.3 (Omniauth SAML), \u0434\u043e 2.1.3 (Omniauth SAML), \u0434\u043e 1.10.6 (Omniauth SAML), \u0434\u043e 17.7.7 (Gitlab), \u0434\u043e 17.8.5 (Gitlab), \u0434\u043e 17.9.2 (Gitlab)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f GitLab CE/EE:\nhttps://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/\n\n\u0414\u043b\u044f Ruby-saml:\nhttps://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\t\nhttps://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9\t\nhttps://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97\t\nhttps://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4\t\nhttps://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0\t\nhttps://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2\t\nhttps://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-25291",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "17.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.03.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-02818",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-25291",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Ruby SAML, Omniauth SAML, Gitlab",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u0432\u0445\u043e\u0434\u0430 SAML SSO \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Ruby SAML \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 git \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0430\u0434 \u043a\u043e\u0434\u043e\u043c GitLab CE/EE, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 (CWE-347), \u041a\u043e\u043d\u0444\u043b\u0438\u043a\u0442 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0446\u0438\u0439 (CWE-436)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u0432\u0445\u043e\u0434\u0430 SAML SSO \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Ruby SAML \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 git \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0430\u0434 \u043a\u043e\u0434\u043e\u043c GitLab CE/EE \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u043f\u0438\u0441\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released\t\nhttps://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials\t\nhttps://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9\t\nhttps://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97\t\nhttps://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4\t\nhttps://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0\t\nhttps://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-754f-8gm6-c4r2\t\nhttps://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv\nhttps://security-tracker.debian.org/tracker/CVE-2025-25291",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-347, CWE-436",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,4)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
bit-gitlab-2025-25291
Vulnerability from bitnami_vulndb
Published
2025-04-14 11:55
Modified
2025-11-06 13:25
Summary
ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
Details
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "gitlab",
"purl": "pkg:bitnami/gitlab"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.9.2"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2025-25291"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
],
"severity": "Critical"
},
"details": "ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.",
"id": "BIT-gitlab-2025-25291",
"modified": "2025-11-06T13:25:46.476Z",
"published": "2025-04-14T11:55:18.579Z",
"references": [
{
"type": "WEB",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released"
},
{
"type": "WEB",
"url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm"
},
{
"type": "WEB",
"url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=43374519"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25291"
},
{
"type": "WEB",
"url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250314-0010/"
},
{
"type": "WEB",
"url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html"
}
],
"schema_version": "1.6.2",
"summary": "ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)"
}
FKIE_CVE-2025-25291
Vulnerability from fkie_nvd - Published: 2025-03-12 21:15 - Updated: 2025-11-03 20:17
Severity ?
Summary
ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| omniauth | omniauth_saml | * | |
| omniauth | omniauth_saml | * | |
| omniauth | omniauth_saml | * | |
| onelogin | ruby-saml | * | |
| onelogin | ruby-saml | * | |
| netapp | storagegrid | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "AB57A4CB-E546-42D7-AB8D-D86E979C80C1",
"versionEndExcluding": "1.10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "58E37D56-71A9-417D-B0DD-EBDC2EA3855F",
"versionEndExcluding": "2.1.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omniauth:omniauth_saml:*:*:*:*:*:ruby:*:*",
"matchCriteriaId": "9549FF35-D7A0-446A-87C8-552C8D89CD92",
"versionEndExcluding": "2.2.3",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0F9A57-0F32-4ECC-97B4-1F87DD7D7FD6",
"versionEndExcluding": "1.12.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:onelogin:ruby-saml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "455E8699-D6C2-4BFF-B4FD-2329E0F1E910",
"versionEndExcluding": "1.18.0",
"versionStartIncluding": "1.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack. This issue may lead to authentication bypass. Versions 1.12.4 and 1.18.0 fix the issue."
},
{
"lang": "es",
"value": "ruby-saml proporciona inicio de sesi\u00f3n \u00fanico (SSO) con lenguaje de marcado para aserciones de seguridad (SAML) para Ruby. Se detect\u00f3 una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en ruby-saml anterior a las versiones 1.12.4 y 1.18.0 debido a una diferencia en el analizador. ReXML y Nokogiri analizan XML de forma diferente; los analizadores pueden generar estructuras de documento completamente distintas a partir de la misma entrada XML. Esto permite a un atacante ejecutar un ataque de envoltura de firma. Este problema puede provocar la omisi\u00f3n de autenticaci\u00f3n. Las versiones 1.12.4 y 1.18.0 solucionan el problema."
}
],
"id": "CVE-2025-25291",
"lastModified": "2025-11-03T20:17:58.333",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-03-12T21:15:42.000",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=43374519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20250314-0010/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
},
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-4VC4-M8QH-G8JM
Vulnerability from github – Published: 2025-03-12 20:20 – Updated: 2025-11-03 21:33
VLAI?
Summary
Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)
Details
Summary
An authentication bypass vulnerability was found in ruby-saml due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack.
Impact
This issue may lead to authentication bypass.
Severity ?
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "ruby-saml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.12.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "ruby-saml"
},
"ranges": [
{
"events": [
{
"introduced": "1.13.0"
},
{
"fixed": "1.18.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-25291"
],
"database_specific": {
"cwe_ids": [
"CWE-347",
"CWE-436"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-12T20:20:24Z",
"nvd_published_at": "2025-03-12T21:15:42Z",
"severity": "CRITICAL"
},
"details": "### Summary\nAn authentication bypass vulnerability was found in ruby-saml due to a parser differential.\nReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping attack.\n\n### Impact\nThis issue may lead to authentication bypass.",
"id": "GHSA-4vc4-m8qh-g8jm",
"modified": "2025-11-03T21:33:11Z",
"published": "2025-03-12T20:20:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-4vc4-m8qh-g8jm"
},
{
"type": "WEB",
"url": "https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-hw46-3hmr-x9xv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25291"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e76c5b36bac40aedbf1ba7ffaaf495be63328cd9"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/commit/e9c1cdbd0f9afa467b585de279db0cbd0fb8ae97"
},
{
"type": "WEB",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released"
},
{
"type": "WEB",
"url": "https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials"
},
{
"type": "PACKAGE",
"url": "https://github.com/SAML-Toolkits/ruby-saml"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.12.4"
},
{
"type": "WEB",
"url": "https://github.com/SAML-Toolkits/ruby-saml/releases/tag/v1.18.0"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-saml/CVE-2025-25291.yml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=43374519"
},
{
"type": "WEB",
"url": "https://portswigger.net/research/saml-roulette-the-hacker-always-wins"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250314-0010"
},
{
"type": "ADVISORY",
"url": "https://securitylab.github.com/advisories/GHSL-2024-329_GHSL-2024-330_ruby-saml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)"
}
NCSC-2025-0087
Vulnerability from csaf_ncscnl - Published: 2025-03-14 09:14 - Updated: 2025-03-14 09:14Summary
Kwetsbaarheden verholpen in GitLab
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: GitLab heeft kwetsbaarheden verholpen in GitLab EE/CE versies van 11.5 tot 17.9.2.
Interpretaties: De kwetsbaarheden omvatten onder andere een probleem waarbij gebruikers met aangepaste rechten meer lidmaatschapsverzoeken kunnen goedkeuren dan waar ze recht op hebben, wat kan leiden tot ongeautoriseerde toegang tot beperkte gebieden binnen het platform. Daarnaast zijn er kwetsbaarheden in de Google Cloud IAM-integratiefunctie die kwaadwillenden in staat kunnen stellen om kwaadaardige code in het systeem in te voeren. Er zijn ook kwetsbaarheden die gevoelige authenticatie-informatie kunnen blootstellen en een denial-of-service kunnen veroorzaken door manipulatie van specifieke invoer. Bovendien zijn er kritieke kwetsbaarheden in de ruby-saml-bibliotheek en de graphql-ruby-bibliotheek die kunnen leiden tot ongeautoriseerde toegang en remote code execution. Deze kwetsbaarheden vereisen onmiddellijke aandacht van beveiligingsbeheerders.
Oplossingen: GitLab heeft patches en updates uitgebracht om deze kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-473: PHP External Variable Modification
CWE-347: Improper Verification of Cryptographic Signature
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-436: Interpretation Conflict
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-863: Incorrect Authorization
CWE-209: Generation of Error Message Containing Sensitive Information
CWE-863
- Incorrect Authorization
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
CWE-77
- Improper Neutralization of Special Elements used in a Command ('Command Injection')
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
4.4 (Medium)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
6.5 (Medium)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
4.3 (Medium)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
6.5 (Medium)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
CWE-347
- Improper Verification of Cryptographic Signature
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
CWE-347
- Improper Verification of Cryptographic Signature
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
9.0 (Critical)
Affected products
Known affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/17.7.6
GitLab / Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:unknown/17.7.0
GitLab / Enterprise Edition
|
vers:unknown/17.7.0 | ||
|
vers:unknown/17.9.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.6
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.6 | ||
|
vers:unknown/17.7.5
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.5 | ||
|
vers:unknown/17.7.4
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.4 | ||
|
vers:unknown/17.7.3
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.3 | ||
|
vers:unknown/17.7.2
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.2 | ||
|
vers:unknown/17.7.1
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.1 | ||
|
vers:semver/<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/<17.7.7 | |
|
vers:semver/17.9|<17.9.2
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.9|<17.9.2 | |
|
vers:semver/17.8|<17.8.5
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.8|<17.8.5 | |
|
vers:semver/17.2|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/17.2|<17.7.7 | |
|
vers:semver/16.9|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.9|<17.7.7 | |
|
vers:semver/16.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/16.5|<17.7.7 | |
|
vers:semver/12.3|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/12.3|<17.7.7 | |
|
vers:semver/11.5|<17.7.7
GitLab / GitLab
|
cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
|
vers:semver/11.5|<17.7.7 | |
|
vers:unknown/17.9.1
GitLab / Enterprise Edition
|
vers:unknown/17.9.1 | ||
|
vers:unknown/17.9.0
GitLab / Enterprise Edition
|
vers:unknown/17.9.0 | ||
|
vers:unknown/17.8.4
GitLab / Enterprise Edition
|
vers:unknown/17.8.4 | ||
|
vers:unknown/17.8.3
GitLab / Enterprise Edition
|
vers:unknown/17.8.3 | ||
|
vers:unknown/17.8.2
GitLab / Enterprise Edition
|
vers:unknown/17.8.2 | ||
|
vers:unknown/17.8.1
GitLab / Enterprise Edition
|
vers:unknown/17.8.1 | ||
|
vers:unknown/17.8.0
GitLab / Enterprise Edition
|
vers:unknown/17.8.0 | ||
|
vers:unknown/17.7.0
GitLab / Community Edition, Enterprise Edition
|
vers:unknown/17.7.0 |
References
10 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "GitLab heeft kwetsbaarheden verholpen in GitLab EE/CE versies van 11.5 tot 17.9.2.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten onder andere een probleem waarbij gebruikers met aangepaste rechten meer lidmaatschapsverzoeken kunnen goedkeuren dan waar ze recht op hebben, wat kan leiden tot ongeautoriseerde toegang tot beperkte gebieden binnen het platform. Daarnaast zijn er kwetsbaarheden in de Google Cloud IAM-integratiefunctie die kwaadwillenden in staat kunnen stellen om kwaadaardige code in het systeem in te voeren. Er zijn ook kwetsbaarheden die gevoelige authenticatie-informatie kunnen blootstellen en een denial-of-service kunnen veroorzaken door manipulatie van specifieke invoer. Bovendien zijn er kritieke kwetsbaarheden in de ruby-saml-bibliotheek en de graphql-ruby-bibliotheek die kunnen leiden tot ongeautoriseerde toegang en remote code execution. Deze kwetsbaarheden vereisen onmiddellijke aandacht van beveiligingsbeheerders.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "GitLab heeft patches en updates uitgebracht om deze kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "PHP External Variable Modification",
"title": "CWE-473"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Interpretation Conflict",
"title": "CWE-436"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/"
}
],
"title": "Kwetsbaarheden verholpen in GitLab",
"tracking": {
"current_release_date": "2025-03-14T09:14:59.775984Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0087",
"initial_release_date": "2025-03-14T09:14:59.775984Z",
"revision_history": [
{
"date": "2025-03-14T09:14:59.775984Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/17.7.6",
"product": {
"name": "vers:unknown/17.7.6",
"product_id": "CSAFPID-2476827"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.5",
"product": {
"name": "vers:unknown/17.7.5",
"product_id": "CSAFPID-2423675"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.4",
"product": {
"name": "vers:unknown/17.7.4",
"product_id": "CSAFPID-2423674"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.3",
"product": {
"name": "vers:unknown/17.7.3",
"product_id": "CSAFPID-2059906"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.2",
"product": {
"name": "vers:unknown/17.7.2",
"product_id": "CSAFPID-2059905"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.1",
"product": {
"name": "vers:unknown/17.7.1",
"product_id": "CSAFPID-2059904"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.0",
"product": {
"name": "vers:unknown/17.7.0",
"product_id": "CSAFPID-2059903"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.9.1",
"product": {
"name": "vers:unknown/17.9.1",
"product_id": "CSAFPID-2476830"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.9.0",
"product": {
"name": "vers:unknown/17.9.0",
"product_id": "CSAFPID-2476829"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.4",
"product": {
"name": "vers:unknown/17.8.4",
"product_id": "CSAFPID-2476828"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.3",
"product": {
"name": "vers:unknown/17.8.3",
"product_id": "CSAFPID-2423678"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.2",
"product": {
"name": "vers:unknown/17.8.2",
"product_id": "CSAFPID-2423677"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.1",
"product": {
"name": "vers:unknown/17.8.1",
"product_id": "CSAFPID-2059908"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.0",
"product": {
"name": "vers:unknown/17.8.0",
"product_id": "CSAFPID-2059907"
}
}
],
"category": "product_name",
"name": "Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/17.9.1",
"product": {
"name": "vers:unknown/17.9.1",
"product_id": "CSAFPID-2476824"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.9.0",
"product": {
"name": "vers:unknown/17.9.0",
"product_id": "CSAFPID-2476823"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.4",
"product": {
"name": "vers:unknown/17.8.4",
"product_id": "CSAFPID-2476822"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.3",
"product": {
"name": "vers:unknown/17.8.3",
"product_id": "CSAFPID-2395420"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.2",
"product": {
"name": "vers:unknown/17.8.2",
"product_id": "CSAFPID-2395419"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.1",
"product": {
"name": "vers:unknown/17.8.1",
"product_id": "CSAFPID-2056775"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.8.0",
"product": {
"name": "vers:unknown/17.8.0",
"product_id": "CSAFPID-2056774"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.6",
"product": {
"name": "vers:unknown/17.7.6",
"product_id": "CSAFPID-2476821"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.5",
"product": {
"name": "vers:unknown/17.7.5",
"product_id": "CSAFPID-2395418"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.4",
"product": {
"name": "vers:unknown/17.7.4",
"product_id": "CSAFPID-2395417"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.3",
"product": {
"name": "vers:unknown/17.7.3",
"product_id": "CSAFPID-2056773"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.2",
"product": {
"name": "vers:unknown/17.7.2",
"product_id": "CSAFPID-1864576"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.1",
"product": {
"name": "vers:unknown/17.7.1",
"product_id": "CSAFPID-1864575"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/17.7.0",
"product": {
"name": "vers:unknown/17.7.0",
"product_id": "CSAFPID-1864574"
}
}
],
"category": "product_name",
"name": "Community Edition, Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/\u003c17.7.7",
"product": {
"name": "vers:semver/\u003c17.7.7",
"product_id": "CSAFPID-2476763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/17.9|\u003c17.9.2",
"product": {
"name": "vers:semver/17.9|\u003c17.9.2",
"product_id": "CSAFPID-2476758",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/17.8|\u003c17.8.5",
"product": {
"name": "vers:semver/17.8|\u003c17.8.5",
"product_id": "CSAFPID-2476757",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/17.2|\u003c17.7.7",
"product": {
"name": "vers:semver/17.2|\u003c17.7.7",
"product_id": "CSAFPID-2476764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/16.9|\u003c17.7.7",
"product": {
"name": "vers:semver/16.9|\u003c17.7.7",
"product_id": "CSAFPID-2476766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/16.5|\u003c17.7.7",
"product": {
"name": "vers:semver/16.5|\u003c17.7.7",
"product_id": "CSAFPID-2476756",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/12.3|\u003c17.7.7",
"product": {
"name": "vers:semver/12.3|\u003c17.7.7",
"product_id": "CSAFPID-2476759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:semver/11.5|\u003c17.7.7",
"product": {
"name": "vers:semver/11.5|\u003c17.7.7",
"product_id": "CSAFPID-2476762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "GitLab"
}
],
"category": "vendor",
"name": "GitLab"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7296",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7296",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7296.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2024-7296"
},
{
"cve": "CVE-2024-8402",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8402",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8402.json"
}
],
"title": "CVE-2024-8402"
},
{
"cve": "CVE-2024-12380",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Generation of Error Message Containing Sensitive Information",
"title": "CWE-209"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12380",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-12380.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2024-12380"
},
{
"cve": "CVE-2024-13054",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13054",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13054.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2024-13054"
},
{
"cve": "CVE-2025-0652",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-0652",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-0652.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2025-0652"
},
{
"cve": "CVE-2025-1257",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-1257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2025-1257"
},
{
"cve": "CVE-2025-25291",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "other",
"text": "Interpretation Conflict",
"title": "CWE-436"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25291",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25291.json"
}
],
"title": "CVE-2025-25291"
},
{
"cve": "CVE-2025-25292",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "other",
"text": "Interpretation Conflict",
"title": "CWE-436"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25292",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25292.json"
}
],
"title": "CVE-2025-25292"
},
{
"cve": "CVE-2025-27407",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27407",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27407.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2476827",
"CSAFPID-2423675",
"CSAFPID-2423674",
"CSAFPID-2059906",
"CSAFPID-2059905",
"CSAFPID-2059904",
"CSAFPID-2059903",
"CSAFPID-2476824",
"CSAFPID-2476823",
"CSAFPID-2476822",
"CSAFPID-2395420",
"CSAFPID-2395419",
"CSAFPID-2056775",
"CSAFPID-2056774",
"CSAFPID-2476821",
"CSAFPID-2395418",
"CSAFPID-2395417",
"CSAFPID-2056773",
"CSAFPID-1864576",
"CSAFPID-1864575",
"CSAFPID-2476763",
"CSAFPID-2476758",
"CSAFPID-2476757",
"CSAFPID-2476764",
"CSAFPID-2476766",
"CSAFPID-2476756",
"CSAFPID-2476759",
"CSAFPID-2476762",
"CSAFPID-2476830",
"CSAFPID-2476829",
"CSAFPID-2476828",
"CSAFPID-2423678",
"CSAFPID-2423677",
"CSAFPID-2059908",
"CSAFPID-2059907",
"CSAFPID-1864574"
]
}
],
"title": "CVE-2025-27407"
}
]
}
WID-SEC-W-2025-0549
Vulnerability from csaf_certbund - Published: 2025-03-12 23:00 - Updated: 2025-03-13 23:00Summary
GitLab: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: GitLab ist eine Webanwendung zur Versionsverwaltung für Softwareprojekte auf Basis von git.
Angriff: Ein Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um Informationen preiszugeben, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source GitLab <17.7.7
Open Source / GitLab
|
<17.7.7 | ||
|
Open Source GitLab <17.8.5
Open Source / GitLab
|
<17.8.5 | ||
|
Open Source GitLab <17.9.2
Open Source / GitLab
|
<17.9.2 | ||
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "GitLab ist eine Webanwendung zur Versionsverwaltung f\u00fcr Softwareprojekte auf Basis von git.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um Informationen preiszugeben, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren und einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0549 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0549.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0549 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0549"
},
{
"category": "external",
"summary": "GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7 vom 2025-03-12",
"url": "https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250314-0010 vom 2025-03-14",
"url": "https://security.netapp.com/advisory/ntap-20250314-0010/"
}
],
"source_lang": "en-US",
"title": "GitLab: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-13T23:00:00.000+00:00",
"generator": {
"date": "2025-03-14T10:44:16.279+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0549",
"initial_release_date": "2025-03-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von NetApp aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NetApp StorageGRID",
"product": {
"name": "NetApp StorageGRID",
"product_id": "920206",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:storagegrid:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.9.2",
"product": {
"name": "Open Source GitLab \u003c17.9.2",
"product_id": "T041816"
}
},
{
"category": "product_version",
"name": "17.9.2",
"product": {
"name": "Open Source GitLab 17.9.2",
"product_id": "T041816-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:17.9.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c17.8.5",
"product": {
"name": "Open Source GitLab \u003c17.8.5",
"product_id": "T041817"
}
},
{
"category": "product_version",
"name": "17.8.5",
"product": {
"name": "Open Source GitLab 17.8.5",
"product_id": "T041817-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:17.8.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c17.7.7",
"product": {
"name": "Open Source GitLab \u003c17.7.7",
"product_id": "T041818"
}
},
{
"category": "product_version",
"name": "17.7.7",
"product": {
"name": "Open Source GitLab 17.7.7",
"product_id": "T041818-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:17.7.7"
}
}
}
],
"category": "product_name",
"name": "GitLab"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12380",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2024-12380"
},
{
"cve": "CVE-2024-13054",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2024-13054"
},
{
"cve": "CVE-2024-7296",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2024-7296"
},
{
"cve": "CVE-2024-8402",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2024-8402"
},
{
"cve": "CVE-2025-0652",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2025-0652"
},
{
"cve": "CVE-2025-1257",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2025-1257"
},
{
"cve": "CVE-2025-25291",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2025-25291"
},
{
"cve": "CVE-2025-25292",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2025-25292"
},
{
"cve": "CVE-2025-27407",
"product_status": {
"known_affected": [
"T041818",
"T041817",
"T041816",
"920206"
]
},
"release_date": "2025-03-12T23:00:00.000+00:00",
"title": "CVE-2025-27407"
}
]
}
WID-SEC-W-2025-0561
Vulnerability from csaf_certbund - Published: 2025-03-13 23:00 - Updated: 2025-04-06 22:00Summary
Ruby SAML: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: RubySAML ist eine Authentifizierungsbibliothek.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ruby SAML ausnutzen, um Sicherheitsvorkehrungen zu umgehen und um einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Ruby SAML <1.12.4
Open Source / Ruby
|
SAML <1.12.4 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Hashicorp Terraform <v202502-2
Hashicorp / Terraform
|
<v202502-2 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— | |
|
Open Source Ruby SAML <1.18.0
Open Source / Ruby
|
SAML <1.18.0 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Ruby SAML <1.12.4
Open Source / Ruby
|
SAML <1.12.4 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Hashicorp Terraform <v202502-2
Hashicorp / Terraform
|
<v202502-2 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— | |
|
Open Source Ruby SAML <1.18.0
Open Source / Ruby
|
SAML <1.18.0 |
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Ruby SAML <1.12.4
Open Source / Ruby
|
SAML <1.12.4 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Hashicorp Terraform <v202502-2
Hashicorp / Terraform
|
<v202502-2 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
NetApp StorageGRID
NetApp
|
cpe:/a:netapp:storagegrid:-
|
— | |
|
Open Source Ruby SAML <1.18.0
Open Source / Ruby
|
SAML <1.18.0 |
References
7 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "RubySAML ist eine Authentifizierungsbibliothek.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ruby SAML ausnutzen, um Sicherheitsvorkehrungen zu umgehen und um einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0561 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0561.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0561 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0561"
},
{
"category": "external",
"summary": "Hashicorp Security Advisory HCSEC-2025-05 vom 2025-03-13",
"url": "https://discuss.hashicorp.com/t/hcsec-2025-05-terraform-enterprise-s-single-sign-on-and-ruby-saml-s-cve-2025-25291-and-cve-2025-25292/73824"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250314-0008 vom 2025-03-14",
"url": "https://security.netapp.com/advisory/ntap-20250314-0008/"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250314-0009 vom 2025-03-14",
"url": "https://security.netapp.com/advisory/ntap-20250314-0009/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7409-1 vom 2025-04-02",
"url": "https://ubuntu.com/security/notices/USN-7409-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4115 vom 2025-04-05",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00011.html"
}
],
"source_lang": "en-US",
"title": "Ruby SAML: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-06T22:00:00.000+00:00",
"generator": {
"date": "2025-04-07T10:05:18.614+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0561",
"initial_release_date": "2025-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-02T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-06T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cv202502-2",
"product": {
"name": "Hashicorp Terraform \u003cv202502-2",
"product_id": "T041913"
}
},
{
"category": "product_version",
"name": "v202502-2",
"product": {
"name": "Hashicorp Terraform v202502-2",
"product_id": "T041913-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hashicorp:terraform:v202502-2"
}
}
}
],
"category": "product_name",
"name": "Terraform"
}
],
"category": "vendor",
"name": "Hashicorp"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp StorageGRID",
"product": {
"name": "NetApp StorageGRID",
"product_id": "920206",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:storagegrid:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "SAML \u003c1.12.4",
"product": {
"name": "Open Source Ruby SAML \u003c1.12.4",
"product_id": "T041918"
}
},
{
"category": "product_version",
"name": "SAML 1.12.4",
"product": {
"name": "Open Source Ruby SAML 1.12.4",
"product_id": "T041918-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ruby-lang:ruby:saml__1.12.4"
}
}
},
{
"category": "product_version_range",
"name": "SAML \u003c1.18.0",
"product": {
"name": "Open Source Ruby SAML \u003c1.18.0",
"product_id": "T041919"
}
},
{
"category": "product_version",
"name": "SAML 1.18.0",
"product": {
"name": "Open Source Ruby SAML 1.18.0",
"product_id": "T041919-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ruby-lang:ruby:saml__1.18.0"
}
}
}
],
"category": "product_name",
"name": "Ruby"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-25291",
"product_status": {
"known_affected": [
"T041918",
"2951",
"T041913",
"T000126",
"920206",
"T041919"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-25291"
},
{
"cve": "CVE-2025-25292",
"product_status": {
"known_affected": [
"T041918",
"2951",
"T041913",
"T000126",
"920206",
"T041919"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-25292"
},
{
"cve": "CVE-2025-25293",
"product_status": {
"known_affected": [
"T041918",
"2951",
"T041913",
"T000126",
"920206",
"T041919"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-25293"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…