GitLab has released important security updates for both its Community Edition (CE) and Enterprise Edition (EE) to fix several serious vulnerabilities.
The new patches — versions 18.6.1, 18.5.3, and 18.4.5 — address issues that could let attackers bypass authentication, steal user credentials, or crash servers through DoS attacks.
Admins are strongly advised to update their self-managed GitLab installations immediately. GitLab.com is already patched.
The most serious flaw, CVE-2024-9183, is a race condition in the CI/CD cache. An authenticated attacker could use this bug to steal credentials from higher-privileged users and potentially take over admin accounts or perform unauthorized actions.
| CVE ID | Severity | Type | Description |
|---|---|---|---|
| CVE-2024-9183 | High | Privilege Escalation | A race condition in CI/CD cache allowing users to obtain higher-privileged credentials. |
| CVE-2025-12571 | High | Denial of Service | Unauthenticated users can crash the system via malicious JSON input. |
| CVE-2025-12653 | Medium | Auth Bypass | Unauthenticated users could join arbitrary organizations by altering headers. |
| CVE-2025-7449 | Medium | Denial of Service | Authenticated users can cause a crash via HTTP response processing. |
| CVE-2025-6195 | Medium | Improper Authorization | (EE Only) Users could view restricted security reports under certain conditions. |
| CVE-2025-13611 | Low | Info Disclosure | Leak of sensitive tokens in the terraform registry logs. |
A key update fixes CVE-2025-12571, a serious Denial-of-Service flaw that lets anyone crash a GitLab instance using a malicious JSON request. Because no login is required, attackers could easily take repositories offline and disrupt development work.
Unauthorized Access Risk
The update fixes CVE-2025-12653, a bug that allowed users to slip past security checks and join organizations by modifying request headers.
Even though it’s less severe than the crash issue, it still poses a serious threat to privacy and access control.
GitLab urges all users to upgrade to versions 18.6.1, 18.5.3, or 18.4.5 immediately.
Single-node systems will see brief downtime during the upgrade, while multi-node setups can update with no interruption.
Staying on older versions leaves systems exposed, since attackers can now study the public patches and build exploits for outdated installations.
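A quick way for an administrator to tell whether a self-managed instance already carries these fixes is to compare its version against the three patched release lines, since a version such as 18.4.3 is unfixed even though 18.4 is a supported line. The check below is an added example written for this article, not GitLab tooling; it assumes version strings in GitLab's usual `MAJOR.MINOR.PATCH[-ee]` form and treats any line older than 18.4 as unfixed and any line newer than 18.6 as already containing the fixes.

```python
"""Check whether a GitLab version carries the fixes from this advisory.
Added example for the article above, not GitLab's own tooling."""
import re

# Fixed versions named in the advisory, keyed by release line.
PATCHED = {(18, 6): (18, 6, 1), (18, 5): (18, 5, 3), (18, 4): (18, 4, 5)}


def parse_version(text):
    """Turn '18.4.5-ee' or '18.6.1' into a (major, minor, patch) tuple."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_patched(version):
    """True if the running version contains this advisory's fixes.

    A release line older than every patched line (18.3 and below) gets no
    fix at all, so it is reported as unpatched; a line newer than any listed
    one (18.7 and up) is assumed to include the fixes already.
    """
    major, minor, patch = parse_version(version)
    line = (major, minor)
    if line in PATCHED:
        return (major, minor, patch) >= PATCHED[line]
    return line > max(PATCHED)


def assess(versions):
    """Map each version string to 'patched' or 'needs upgrade'."""
    return {v: ("patched" if is_patched(v) else "needs upgrade") for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory; replace with real instance versions.
    for version, status in assess(["18.6.1-ee", "18.5.2", "18.4.5", "18.3.9"]).items():
        print(f"{version:12} {status}")
```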