8.1 High
AI Score
Confidence
Low
0.03 Low
EPSS
Percentile
90.9%
In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient parameter sanitization for the Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions.
about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/
about.gitlab.com/blog/categories/releases/