{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T03:47:40.738","vulnerabilities":[{"cve":{"id":"CVE-2025-1299","sourceIdentifier":"cve@gitlab.com","published":"2025-07-24T07:15:52.680","lastModified":"2025-07-28T13:23:04.953","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by sending a crafted request."},{"lang":"es","value":"Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 15.4 hasta la 18.0.5, todas las versiones desde la 18.1 hasta la 18.1.3 y todas las versiones desde la 18.2 hasta la 18.2.1 que, en determinadas circunstancias, podría haber permitido que un usuario no autorizado lea los registros de trabajos de implementación mediante el envío de una solicitud manipulada específicamente para ello."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"15.4","versionEndExcluding":"18.0.5","matchCriteriaId":"445E0AD2-4A54-4A29-9506-035A9CB49AF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"15.4","versionEndExcluding":"18.0.5","matchCriteriaId":"329FB7F6-E717-480B-8A0E-212223662340"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.1.0","versionEndExcluding":"18.1.3","matchCriteriaId":"F6FBDC48-B16F-4DE3-8A25-650EA1B3A7E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.1.0","versionEndExcluding":"18.1.3","matchCriteriaId":"1BD9DE80-2A4C-421F-98AC-25F160771956"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:18.2:*:*:*:community:*:*:*","matchCriteriaId":"C56C6B73-A79C-4B34-82FA-6451CCA9C093"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:18.2:*:*:*:enterprise:*:*:*","matchCriteriaId":"8931BAA0-5961-46EC-BF0C-62EE4E8A7BE1"}]}]}],"references":[{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/519696","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/2969145","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}