Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-2255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain...

8.7CVSS5.4AI score0.0028EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.16 views

GitLab 13.5.0 < 17.8.6 / 17.9 < 17.9.3 / 17.10 < 17.10.1 (CVE-2025-2255)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site...

8.7CVSS5.4AI score0.0028EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/03/27 12:30 p.m.13 views

CVE-2025-2255 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks XSS. for AppSec...

8.7CVSS8.1AI score0.0028EPSS
Exploits1References2
CVE
CVE
added 2025/03/27 12:30 p.m.79 views

CVE-2025-2255

GitLab EE/CE AppSec is affected by CVE-2025-2255, with XSS due to error messages in versions 13.5.0–before 17.8.6, 17.9–before 17.9.3, and 17.10–before 17.10.1. The issue is rooted in improper output/handling of error messages, allowing cross-site scripting. Several connected sources corroborate ...

8.7CVSS8.1AI score0.0028EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2025/03/27 12:30 p.m.13 views

CVE-2025-2255

Removed by vendor...

8.7CVSS5.8AI score0.0028EPSS
Exploits1
Rows per page
Query Builder