EXECUTIVE SUMMARY:
GitLab has released updates for Community Edition (CE) and Enterprise Edition (EE) to address multiple vulnerabilities affecting self-managed instances. These include denial-of-service (DoS) issues in event collection, JSON validation, and file uploads, which could allow unauthenticated attackers to crash GitLab instances. Additional flaws include an access control vulnerability in the runner API and unauthorized execution in CE pipeline builds. Other issues involve business logic errors and missing authorization checks that could lead to unintended access. All self-managed installations should be upgraded immediately to mitigate these risks.
- CVE-2025-10497: A denial-of-service (DoS) vulnerability in GitLab's event collection feature. It allows unauthenticated users to send specially crafted payloads that exhaust system resources, potentially causing service disruption. Exploitation might also trigger performance bottlenecks and slow down operations and tasks. The vulnerability has a CVSS score of 7.5.
- CVE-2025-11447: It is a denial-of-service (DoS) vulnerability in GitLab affecting JSON validation through GraphQL requests. It enables anonymous requests to deliver malicious payloads that can overload the system and potentially disrupt API functionality. This flaw may also affect API reliability and slow down legitimate requests. The vulnerability has a CVSS score of 7.5.
- CVE-2025-11974: A denial-of-service (DoS) vulnerability in GitLab's file upload functionality. It permits the upload of large or specially crafted files that consume excessive system resources, potentially disrupting service availability. Exploitation of this vulnerability could degrade system performance and affect multiple users simultaneously. The vulnerability has a CVSS score of 6.5.
- CVE-2025-11702: An access control vulnerability in GitLab's runner API for Enterprise Edition (EE). It allows authenticated users to hijack runners across multiple projects, potentially executing unauthorized tasks and compromising project workflows. This can result in unauthorized modifications to project builds, creating security and operational risks. The vulnerability has a CVSS score of 8.5.
- CVE-2025-11971: An authorization vulnerability in GitLab pipeline builds for Community Edition (CE). It allows manipulation of commits to execute unauthorized pipeline actions, potentially compromising build integrity. Exploitation could allow insertion of malicious build steps, tampering with artifacts, or triggering of unintended deployments. The vulnerability has a CVSS score of 6.5.
- CVE-2025-6601: A business logic vulnerability in GitLab's group membership management for Enterprise Edition (EE). It may grant unintended access or privilege escalation due to improper handling of group membership logic. It might create inconsistent permission states, resulting in accidental data exposure or violations of access policies. The vulnerability has a CVSS score of 3.8.
- CVE-2025-11989: A vulnerability in GitLab's quick actions feature for Enterprise Edition (EE) caused by missing authorization checks. It permits unintended command execution or access to restricted functionality. Exploitation could execute scripted quick actions at scale, corrupt project state, or expose sensitive configuration. The vulnerability has a CVSS score of 3.7.
RECOMMENDATION:
- We strongly recommend you update GitLab CE/EE to version 18.5.1, 18.4.3, or 18.3.5.
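One way to check whether a self-managed instance is already on one of the fixed releases above, as an added example rather than GitLab's own tooling. It assumes GitLab's `GET /api/v4/version` endpoint (which requires a personal access token) and, as an assumption, treats release branches newer than 18.5 as patched while branches older than 18.3, which have no fixed release in this advisory, count as unpatched.

```python
"""Compare a GitLab version string against the fixed releases in this advisory.
Added example, not part of the advisory or of GitLab's code base."""
import json
import re
import urllib.request
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED_RELEASES = {(18, 5): (18, 5, 1), (18, 4): (18, 4, 3), (18, 3): (18, 3, 5)}
NEWEST_FIXED_BRANCH = max(FIXED_RELEASES)


def parse_version(text: str) -> Optional[Version]:
    """Accept forms such as '18.4.2', '18.4.2-ee', 'v18.4.2'; reject anything else."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", text.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_patched(text: str) -> bool:
    """True if the running version is at or above the fix for its branch."""
    v = parse_version(text)
    if v is None:
        return False  # unparseable version: treat as unpatched, investigate manually
    branch = (v[0], v[1])
    if branch in FIXED_RELEASES:
        return v >= FIXED_RELEASES[branch]
    # Assumption: branches released after 18.5 already carry the fix; branches
    # older than 18.3 have no fixed release listed, so they are unpatched.
    return branch > NEWEST_FIXED_BRANCH


def fetch_version(base_url: str, token: str) -> str:
    """Read the instance version from GitLab's /api/v4/version endpoint."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},  # personal access token, read_api scope
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["version"]


if __name__ == "__main__":
    # Constructed sample values; replace with the real instance URL and token.
    running = fetch_version("https://gitlab.example.invalid", "REPLACE-ME")
    print(running, "patched" if is_patched(running) else "UPGRADE REQUIRED")
```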
REFERENCES:
The following reports contain further technical details: