{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:31:50.155","vulnerabilities":[{"cve":{"id":"CVE-2025-13929","sourceIdentifier":"cve@gitlab.com","published":"2026-03-11T16:16:19.043","lastModified":"2026-03-13T12:33:51.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an unauthenticated user to cause a denial of service by issuing specially crafted requests to repository archive endpoints under certain conditions."},{"lang":"es","value":"GitLab ha remediado un problema en GitLab CE/EE que afecta a todas las versiones desde la 10.0 anterior a la 18.7.6, la 18.8 anterior a la 18.8.6 y la 18.9 anterior a la 18.9.2 que podría haber permitido a un usuario no autenticado causar una denegación de servicio mediante la emisión de solicitudes especialmente diseñadas a los puntos finales de archivo del repositorio bajo ciertas condiciones."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"18.7.6","matchCriteriaId":"E552588B-B0F4-40F4-98FD-394F30ABFE22"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"18.7.6","matchCriteriaId":"85D6F660-B145-4890-AE32-F4FEFDE35C98"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.8.0","versionEndExcluding":"18.8.6","matchCriteriaId":"B703CB01-7F6D-4D6E-AE88-CF2F8012CA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.8.0","versionEndExcluding":"18.8.6","matchCriteriaId":"2B1F834B-A628-4894-A531-1A2A60DD58D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.2","matchCriteriaId":"44EAE9A6-5ED9-42F6-9BBD-0E2F8072F0D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.2","matchCriteriaId":"12A2DEC0-C471-4C98-960C-405209403AB9"}]}]}],"references":[{"url":"https://about.gitlab.com/releases/2026/03/11/patch-release-gitlab-18-9-2-released/","source":"cve@gitlab.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/582738","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/582738","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3441004","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}