PT-2025-50580 · Gitlab · Gitlab Ce/Ee

Jcarre

Published

2025-12-10

Updated

2025-12-11

CVE-2025-4097

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.4.5 GitLab CE/EE versions 18.5 through 18.5.3 GitLab CE/EE versions 18.6 through 18.6.1

Description An authenticated user could potentially cause a denial of service by uploading specially crafted images.

Recommendations Update GitLab CE/EE to version 18.4.6 or later. Update GitLab CE/EE to version 18.5.4 or later. Update GitLab CE/EE to version 18.6.2 or later.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BDU:2025-15823

BIT-GITLAB-2025-4097

CVE-2025-4097

Affected Products

Gitlab Ce/Ee

PT-2025-50580 · Gitlab · Gitlab Ce/Ee

CVE-2025-4097

Weakness Enumeration

Related Identifiers

Affected Products

References · 12