Vulnerabilities

CVE-2025-11990 - Improper Handling of URL Encoding (Hex Encoding) in GitLab

2025-11-15 0 views admin

CVE ID : CVE-2025-11990 Published : Nov. 15, 2025, 8:15 a.m. | 41 minutes ago Description : GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses. Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-11990

Severity

LOW

Published

Nov. 15, 2025

Affected Product: GitLab

Impact: CSRF

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-11990low

CVE-2025-11990 - Improper Handling of URL Encoding (Hex Encoding) in GitLab

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15252 - Tenda M3 setDhcpAP formSetRemoteDhcpForAp stack-based overflow

CVE-2025-15253 - Tenda M3 exeCommand stack-based overflow

CVE-2025-68618 - Magick's failure to limit the depth of SVG file reads caused a DoS attack.

CVE-2025-15255 - Tenda W6-S R7websSsecurityHandler httpd stack-based overflow

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting