PT-2025-22476 · Gitlab · Gitlab Ce/Ee

Published

2025-05-22

Updated

2025-06-09

CVE-2025-2853

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions prior to 17.10.7 GitLab CE/EE version 17.11 prior to 17.11.3 GitLab CE/EE version 18.0 prior to 18.0.1

Description An issue has been discovered in GitLab CE/EE due to a lack of proper validation, which could allow an authenticated user to cause a denial of service condition.

Recommendations For GitLab CE/EE versions prior to 17.10.7, update to version 17.10.7 or later. For GitLab CE/EE version 17.11 prior to 17.11.3, update to version 17.11.3 or later. For GitLab CE/EE version 18.0 prior to 18.0.1, update to version 18.0.1 or later.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BIT-GITLAB-2025-2853

CVE-2025-2853

Affected Products

Gitlab Ce/Ee

PT-2025-22476 · Gitlab · Gitlab Ce/Ee

CVE-2025-2853

Weakness Enumeration

Related Identifiers

Affected Products

References · 10