{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T03:08:00.796","vulnerabilities":[{"cve":{"id":"CVE-2025-13927","sourceIdentifier":"cve@gitlab.com","published":"2026-01-22T15:16:47.453","lastModified":"2026-01-26T21:07:51.377","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data."},{"lang":"es","value":"GitLab ha remediado un problema en GitLab CE/EE que afecta a todas las versiones desde la 11.9 (anteriores a la 18.6.4), las versiones 18.7 (anteriores a la 18.7.2) y las versiones 18.8 (anteriores a la 18.8.2) que podría haber permitido a un usuario no autenticado crear una condición de denegación de servicio mediante el envío de solicitudes especialmente diseñadas con datos de autenticación malformados."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"11.9.0","versionEndExcluding":"18.6.4","matchCriteriaId":"E8BB9DB9-9C9A-450E-A8B6-2C01F9DEB420"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"11.9.0","versionEndExcluding":"18.6.4","matchCriteriaId":"0A2FCA01-DEC6-402D-9738-9F157067AE88"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.7.0","versionEndExcluding":"18.7.2","matchCriteriaId":"7E36C974-4A52-424A-8758-E45B750C013E"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.7.0","versionEndExcluding":"18.7.2","matchCriteriaId":"F71560B5-1000-45F1-8A5C-078D6C3D03E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.8.0","versionEndExcluding":"18.8.2","matchCriteriaId":"582D13A9-DEEE-4E3F-BFC5-61F270C99B86"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.8.0","versionEndExcluding":"18.8.2","matchCriteriaId":"760BBB79-D5BD-4871-8522-3C2C7E65767B"}]}]}],"references":[{"url":"https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/","source":"cve@gitlab.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/582737","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3439683","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}