PT-2025-26452 · Gitlab · Gitlab Ce/Ee
Published: 2025-06-20 · Updated: 2025-08-12 · CVE-2024-4025
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
GitLab CE/EE versions 7.10 through 16.11.5
GitLab CE/EE versions 17.0 through 17.0.3
GitLab CE/EE versions 17.1 through 17.1.1
Description:
A Denial of Service (DoS) condition exists in GitLab CE/EE. An attacker can cause a denial of service by using a crafted markdown page.
Recommendations:
GitLab CE/EE versions prior to 16.11.5: Update to version 16.11.5 or later.
GitLab CE/EE versions prior to 17.0.3: Update to version 17.0.3 or later.
GitLab CE/EE versions prior to 17.1.1: Update to version 17.1.1 or later.
Exploit
Fix
DoS
Affected Products
Gitlab Ce/Ee