PT-2026-3765 · GitLab · GitLab CE/EE

Published: 2026-01-21 · Updated: 2026-03-06 · CVE-2025-13927

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

GitLab CE/EE versions 11.9 through 18.6.3
GitLab CE/EE versions 18.7 through 18.7.1
GitLab CE/EE versions 18.8 through 18.8.1

Description

GitLab CE/EE is affected by an issue related to unrestricted resource allocation. An unauthenticated attacker can potentially cause a denial of service by sending specially crafted requests with malformed authentication data. The issue impacts the GitLab Jira Connect integration.

Recommendations

GitLab CE/EE versions 11.9 through 18.6.3 should be updated to version 18.6.4 or later.
GitLab CE/EE versions 18.7 through 18.7.1 should be updated to version 18.7.2 or later.
GitLab CE/EE versions 18.8 through 18.8.1 should be updated to version 18.8.2 or later.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Weakness Enumeration

Related identifiers

BDU:2026-00786
BIT-GITLAB-2025-13927
CVE-2025-13927

Affected products

GitLab CE/EE