CVE-2025-1198
published 2025-02-13CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived…
PriorityP427medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.24%
14.6th percentile
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 17.6.5-1 (sid) | gitlab 17.6.5-1 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 16.11 < 17.6.5 | 17.6.5 |
| gitlab | gitlab | >= 16.11.0 < 17.6.5 | 17.6.5 |
| gitlab | gitlab | >= 17.7 < 17.7.4 | 17.7.4 |
| gitlab | gitlab | >= 17.7.0 < 17.7.4 | 17.7.4 |
| gitlab | gitlab | >= 17.8 < 17.8.2 | 17.8.2 |
| gitlab | gitlab | >= 17.8.0 < 17.8.2 | 17.8.2 |
| gitlab | gitlab_ce | — | — |
| msrc | cbl2_kernel_5.15.67.1-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_kernel_5.10.144.1-1_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM
vendor_msrc5.5MEDIUM
vendor_redhat5.5MEDIUM
vendor_debian4.2MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
vendor_redhat·2025-03-13·CVSS 4.4
CVE-2025-29768 [MEDIUM] CWE-88 vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.
A flaw was found in Vim's zip.vim plugin. This vulnerability allows potential data loss via specially crafted zip files when a user views the archive in Vim and presses 'x' on an unusual filename.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to
GitLab
CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-
vendor_gitlab·2025-02-13·CVSS 4.2
CVE-2025-1198 [MEDIUM] CWE-613 CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-
CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
Red Hat
kernel: vsock/bpf: return early if transport is not assigned
vendor_redhat·2025-01-31·CVSS 5.5
CVE-2025-21670 [MEDIUM] CWE-476 kernel: vsock/bpf: return early if transport is not assigned
kernel: vsock/bpf: return early if transport is not assigned
In the Linux kernel, the following vulnerability has been resolved:
vsock/bpf: return early if transport is not assigned
Some of the core functions can only be called if the transport
has been assigned.
As Michal reported, a socket might have the transport at NULL,
for example after a failed connect(), causing the following trace:
BUG: kernel NULL pointer dereference, address: 00000000000000a0
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+
RIP: 0010:vsock_connectible_has_data+0x1f/0x40
Call Trace:
vsock_bpf_recvmsg+0xca/0x5e0
sock_recvmsg+0xb9/
Debian
CVE-2025-1198: gitlab - An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 1...
vendor_debian·2025·CVSS 4.2
CVE-2025-1198 [MEDIUM] CVE-2025-1198: gitlab - An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 1...
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
Scope: local
sid: resolved (fixed in 17.6.5-1)
Microsoft
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
vendor_msrc·2022-08-09·CVSS 5.5
CVE-2022-1198 [MEDIUM] CWE-416 A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE
GHSA
GHSA-x774-v4vm-3h8m: An issue discovered in GitLab CE/EE affecting all versions from 16
ghsa_unreviewed·2025-02-13
CVE-2025-1198 [MEDIUM] CWE-613 GHSA-x774-v4vm-3h8m: An issue discovered in GitLab CE/EE affecting all versions from 16
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
OSV
CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16
osv·2025-02-13·CVSS 5.3
CVE-2025-1198 [MEDIUM] CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
No detection rules found.
No public exploits indexed.
arXiv
Security Analysis of Agentic AI Communication Protocols: A Comparative Evaluation
arxiv_fulltext·2025-11-05
Security Analysis of Agentic AI Communication Protocols: A Comparative Evaluation
Security Analysis of Agentic AI Communication Protocols: A Comparative Evaluation
Yedidel Louck 0009-0008-5836-8736, Ariel Stulman 0000-0003-1191-007X, Amit Dvir 0000-0002-3670-0784
Yedidel Louck and Amit Dvir are with the Department of Computer and Software Engineering, Ariel Cyber Innovation Center, Ariel University, Israel. Ariel Stulman is with the Department of Computer Science, Jerusalem College of Technology, Israel
[email protected], [email protected], [email protected]
## Abstract
Multi-agent systems (MAS) powered by artificial intelligence (AI) are increasingly foundational to complex, distributed workflows. Yet, the security of their underlying communication protocols remains critically under-examined. This paper presents the first empirical, comparative sec
arXiv
Improving Google A2A Protocol: Protecting Sensitive Data and Mitigating Unintended Harms in Multi-Agent Systems
arxiv_fulltext·2025-08-28
Improving Google A2A Protocol: Protecting Sensitive Data and Mitigating Unintended Harms in Multi-Agent Systems
Improving Google A2A Protocol: Protecting Sensitive Data and Mitigating Unintended Harms in Multi-Agent Systems
Yedidel Louck 0009-0008-5836-8736, Ariel Stulman 0000-0003-1191-007X, Amit Dvir 0000-0002-3670-0784
Yedidel Louck and Amit Dvir are with Department of Computer and Software Engineering, Ariel Cyber Innovation Center, Ariel University, Israel. Ariel Stulman is with Department of Computer Science, Jerusalem College of Technology, Israel
[email protected], [email protected], [email protected]
## Abstract
Google’s A2A protocol provides a secure communication framework for AI agents but demonstrates critical limitations when handling highly sensitive information such as payment credentials and identity documents. These gaps increase the risk of unintended harms, in
Bugzilla
CVE-2025-29768 vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
bugzilla·2025-03-13·CVSS 4.4
CVE-2025-29768 [MEDIUM] CVE-2025-29768 vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
CVE-2025-29768 vim: Vim vulnerable to potential data loss with zip.vim and special crafted zip files
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.
2025-02-13
Published