
GitLab Patches Multiple Vulnerabilities That Enable Denial of Service and SSRF Attacks

GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks.

The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, 18.2.6, and 18.1.6.

The updates address a total of six security vulnerabilities of varying severity. Customers using the cloud-hosted GitLab.com service are already protected, and GitLab Dedicated users do not need to take any action.

The fixes are part of GitLab’s scheduled patch releases, which aim to resolve security issues and bugs promptly.

High-Severity Flaws Patched

The most critical vulnerabilities fixed in this release are a high-severity SSRF flaw and a high-severity DoS issue.

The SSRF vulnerability, tracked as CVE-2025-6454, holds a CVSS score of 8.5. It existed in the Webhook custom header feature and could be exploited by an authenticated user.

By injecting specially crafted sequences, an attacker could force the GitLab instance to make unintended internal requests within proxy environments, potentially leading to further compromise.

This flaw affects all versions from 16.11 prior to the patched releases. The second high-severity issue, CVE-2025-2256, is a DoS vulnerability with a CVSS score of 7.5.

An unauthenticated attacker could have exploited this flaw by sending multiple large SAML responses concurrently to a GitLab instance, overwhelming its resources and rendering it unresponsive to legitimate users.

This vulnerability has a wide impact, affecting all versions from 7.12 onward.
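As an added example (not GitLab's own tooling), a small version-triage helper that applies the ranges stated above: an instance counts as patched only if it runs one of the fixed releases of its 18.x branch or something newer, and for an unpatched instance the helper lists which of the two high-severity CVEs apply. The MAJOR.MINOR.PATCH version format, the optional "-ee"/"-ce" suffix and the treatment of branches older than 18.1 as unpatched are assumptions.

```python
"""Version triage for the GitLab patch release described above.

Assumption: versions look like "18.2.5" or "18.2.5-ee". The affected
ranges are the ones given in the write-up: CVE-2025-6454 from 16.11,
CVE-2025-2256 from 7.12; fixed releases are 18.3.2, 18.2.6 and 18.1.6.
"""
from typing import List, Tuple

FIXED_RELEASES = ((18, 3, 2), (18, 2, 6), (18, 1, 6))

# Lower bound of the affected range per high-severity CVE. The medium
# severity CVEs carry no version range in the write-up and are omitted.
AFFECTED_FROM = {
    "CVE-2025-6454": (16, 11, 0),  # SSRF via webhook custom headers
    "CVE-2025-2256": (7, 12, 0),   # DoS via concurrent large SAML responses
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH'; an edition suffix such as '-ee' is ignored."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def is_patched(version: str) -> bool:
    """True if the instance runs a fixed release of its branch, or a newer branch.

    Branches older than 18.1 received no fix in this release, so they are
    never reported as patched (assumption: treat them as needing an upgrade).
    """
    v = parse_version(version)
    newest = max(FIXED_RELEASES)
    if v[:2] > newest[:2]:          # e.g. 18.4.x or 19.x: newer than any fix
        return True
    for fixed in FIXED_RELEASES:
        if v[:2] == fixed[:2]:      # same MAJOR.MINOR branch as a fixed release
            return v >= fixed
    return False                    # e.g. 17.x or 18.0.x: no patched build exists


def outstanding_cves(version: str) -> List[str]:
    """High-severity CVEs from the write-up that still apply to this version."""
    if is_patched(version):
        return []
    v = parse_version(version)
    return [cve for cve, start in AFFECTED_FROM.items() if v >= start]
```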

Medium-Severity Vulnerabilities Addressed

Alongside the high-severity issues, GitLab patched four medium-severity vulnerabilities, three of which could also result in a denial of service.

  • CVE-2025-1250: A DoS flaw (CVSS 6.5) where an authenticated user could stall background job processing by using specially crafted commit messages or merge request descriptions.
  • CVE-2025-7337: A persistent DoS vulnerability (CVSS 6.5) that allowed an authenticated user with at least Developer-level access to crash a GitLab instance by uploading large files.
  • CVE-2025-10094: Another DoS issue (CVSS 6.5) enabling authenticated users to disrupt access to token-related operations by creating tokens with excessively long names.
  • CVE-2025-6769: An information disclosure vulnerability (CVSS 4.3) that could have allowed an authenticated user to view administrator-only maintenance notes by accessing runner details through specific interfaces.

GitLab has credited security researchers yuki_osaki, ppee, pwnie and iamgk808 with discovering and reporting these vulnerabilities through its HackerOne bug bounty program.

In line with its disclosure policy, the full details of these vulnerabilities will be made public on GitLab’s issue tracker 30 days after the release.

The company has urged all self-managed customers to review the security announcement and apply the updates to protect their instances from potential attacks.


The post GitLab Patches Multiple Vulnerabilities That Enable Denial of Service and SSRF Attacks appeared first on Cyber Security News.
