CVE-2025-5996

An issue has been discovered in GitLab CE/EE affecting all versions from 2.1.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. A lack of input validation in HTTP responses could allow an authenticated user to cause denial of service.

CVSS

No CVSS.

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/476671	Exploit Issue Tracking
https://gitlab.com/gitlab-org/gitlab/-/issues/479167	Exploit Issue Tracking
https://gitlab.com/gitlab-org/gitlab/-/issues/483111	Exploit Issue Tracking
https://gitlab.com/gitlab-org/gitlab/-/issues/483150	Broken Link
https://gitlab.com/gitlab-org/gitlab/-/issues/498649	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

08 Aug 2025, 18:20

Type	Values Removed	Values Added
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/479167 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/479167 - Exploit, Issue Tracking
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/476671 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/476671 - Exploit, Issue Tracking
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/483150 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/483150 - Broken Link
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/483111 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/483111 - Exploit, Issue Tracking
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/498649 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/498649 - Broken Link
First Time		Gitlab gitlab Gitlab
CWE	~~CWE-770~~
CPE		cpe:2.3:a:gitlab:gitlab:::::community:::* cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

12 Jun 2025, 10:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-12 10:16

Updated : 2025-08-08 18:20

NVD link : CVE-2025-5996

Mitre link : CVE-2025-5996

JSON object : View

Products Affected

gitlab

gitlab

CWE

No CWE.

JSON object

Attach tags to CVE-2025-5996

Attach tags to `CVE-2025-5996`