CVE-2025-0673

7.5 HIGH

📋 TL;DR

This vulnerability in GitLab allows attackers to trigger an infinite redirect loop, causing a denial of service by making affected instances unresponsive. All GitLab CE/EE instances running vulnerable versions are affected, potentially disrupting service availability.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: 17.7 to 17.10.7, 17.11 to 17.11.3, 18.0 to 18.0.1
Operating Systems: All platforms running GitLab
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments including self-managed, cloud, and containerized installations are affected if running vulnerable versions.

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service unavailability for all users due to infinite redirect loops consuming server resources and preventing legitimate access.

🟠

Likely Case

Partial service disruption with degraded performance and intermittent availability issues affecting user productivity.

🟢

If Mitigated

Minimal impact with proper rate limiting, WAF rules, and monitoring detecting abnormal redirect patterns.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The attack requires sending crafted requests, but no authentication is needed. It is simple to automate for DoS attacks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 17.10.8, 17.11.4, 18.0.2 or later

Vendor Advisory: https://gitlab.com/gitlab-org/gitlab/-/issues/514732

Restart Required: Yes

Instructions:

  1. Back up the GitLab instance.
  2. Update to a patched version using the package manager (apt/yum) or Omnibus.
  3. Run 'gitlab-ctl reconfigure'.
  4. Restart GitLab services.

🔧 Temporary Workarounds

Rate Limiting Configuration (applies to: all)

Implement rate limiting on redirect endpoints to prevent abuse.

Configure in GitLab's rate limiting settings or via reverse proxy.

WAF Rule Implementation (applies to: all)

Add Web Application Firewall rules to detect and block redirect loop patterns.

Add a custom WAF rule for abnormal redirect patterns.

🧯 If You Can't Patch

  • Implement strict rate limiting on all endpoints
  • Deploy WAF with rules to detect and block redirect loop patterns

🔍 How to Verify

Check if Vulnerable:

Check GitLab version: 'cat /opt/gitlab/version-manifest.txt' or via Admin Area

Check Version:

sudo gitlab-rake gitlab:env:info | grep 'GitLab Version'

Verify Fix Applied:

Confirm version is 17.10.8+, 17.11.4+, or 18.0.2+ and test redirect functionality
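The version ranges above are easy to misread by hand (17.10.8 is fixed, 17.10.7 is not), so the following Python script, added here as an example and not part of this advisory or of GitLab's own tooling, encodes the affected ranges as half-open intervals and checks a version string against them. The `Version:` / `GitLab Version:` line format it extracts from tool output is an assumption, as is the constructed sample output; adjust the extractor if your `gitlab-rake gitlab:env:info` prints the version differently.

```python
import re
import sys

# Affected ranges taken from this advisory, expressed as [first_vulnerable, first_fixed)
# per release branch: a version is vulnerable when first_vulnerable <= v < first_fixed.
AFFECTED_RANGES = (
    ((17, 7, 0), (17, 10, 8)),   # 17.7 to 17.10.7, fixed in 17.10.8
    ((17, 11, 0), (17, 11, 4)),  # 17.11 to 17.11.3, fixed in 17.11.4
    ((18, 0, 0), (18, 0, 2)),    # 18.0 to 18.0.1, fixed in 18.0.2
)

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)(?:\.(\d+))?")

# Constructed sample of env-info output (assumed format, not real tool output).
SAMPLE_ENV_INFO = """\
System information
Ruby Version:   3.2.5
GitLab information
Version:        17.10.7-ee
"""


def parse_version(text):
    """Return (major, minor, patch) from '17.10.7', '17.11.3-ee' or 'v18.0.1'.
    A missing patch component defaults to 0; returns None if no version is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_vulnerable(version):
    """True if the version lies inside any affected range; fixed releases return False."""
    v = parse_version(version) if isinstance(version, str) else version
    if v is None:
        raise ValueError(f"unrecognised version: {version!r}")
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def version_from_env_info(output):
    """Extract the GitLab version from tool output. Assumption: a line that starts
    with 'Version:' or 'GitLab Version:' (so 'Ruby Version:' lines are skipped)."""
    for line in output.splitlines():
        m = re.match(r"^(?:GitLab )?Version:\s*(\S+)", line)
        if m:
            v = parse_version(m.group(1))
            if v:
                return v
    return None


if __name__ == "__main__":
    # Usage: python check_version.py 17.10.7   or   gitlab-rake gitlab:env:info | python check_version.py
    source = sys.argv[1] if len(sys.argv) > 1 else sys.stdin.read()
    v = parse_version(source) if len(sys.argv) > 1 else version_from_env_info(source)
    if v is None:
        sys.exit("no version found in input")
    verdict = "VULNERABLE" if is_vulnerable(v) else "not in affected ranges"
    print(f"GitLab {'.'.join(map(str, v))}: {verdict}")
```

Note that a branch later than 18.0 (for example 18.1.0) is reported as not in the affected ranges simply because the advisory does not list it; the script only reflects the ranges given here.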

📡 Detection & Monitoring

Log Indicators:

  • Excessive 301/302 redirects in access logs
  • High CPU/memory usage patterns
  • Abnormal request patterns to specific endpoints

Network Indicators:

  • Unusual redirect chains in HTTP traffic
  • Increased traffic to redirect endpoints

SIEM Query:

source="gitlab_access.log" status=301 OR status=302 | stats count by client_ip | where count > threshold
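The SIEM query above counts redirects per client; the Python script below, added as an example that is not part of this advisory, implements the same detection logic offline over access log lines so it can be run against an exported log or used as a reference when tuning the query. It assumes nginx combined-format lines (adjust `LOG_RE` for a different `log_format`), flags a client only when its redirect count exceeds a threshold and redirects make up most of its requests (to avoid flagging normal sign-in redirects), and reports the path that absorbed most of those redirects. All log lines are constructed for the example, not captured traffic.

```python
import re
from collections import Counter, defaultdict

# nginx "combined"-style access log line; gitlab_access.log is assumed to use this format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def _constructed_line(ip, path, status, seq, agent="constructed-agent/1.0"):
    """Build one constructed log line; seq only varies the timestamp."""
    return (f'{ip} - - [10/Jun/2025:12:{seq // 60:02d}:{seq % 60:02d} +0000] '
            f'"GET {path} HTTP/1.1" {status} 0 "-" "{agent}"')


# Constructed sample: one normal client with a single sign-in redirect, one client
# receiving 50 consecutive redirects on the same path, and one unparseable line.
SAMPLE_LOG = (
    [_constructed_line("192.0.2.10", "/group/project", 200, 0),
     _constructed_line("192.0.2.10", "/users/sign_in", 302, 1)]
    + [_constructed_line("198.51.100.7", "/example/redirecting-path", 302, i) for i in range(50)]
    + ["garbage line that does not parse"]
)


def parse_line(line):
    """Return a dict with ip, ts, method, path, status (int) or None if the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def find_redirect_abusers(lines, min_redirects=20, min_ratio=0.8):
    """Count 301/302 responses per client IP and flag IPs whose redirect count
    exceeds min_redirects and whose redirects are at least min_ratio of all their
    requests. Returns {ip: {redirects, total, top_path, top_path_hits}}."""
    total = Counter()
    redirects = Counter()
    paths = defaultdict(Counter)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the expected format
        ip = rec["ip"]
        total[ip] += 1
        if rec["status"] in (301, 302):
            redirects[ip] += 1
            paths[ip][rec["path"]] += 1
    flagged = {}
    for ip, n in redirects.items():
        if n > min_redirects and n / total[ip] >= min_ratio:
            top_path, top_hits = paths[ip].most_common(1)[0]
            flagged[ip] = {"redirects": n, "total": total[ip],
                           "top_path": top_path, "top_path_hits": top_hits}
    return flagged


if __name__ == "__main__":
    for ip, info in find_redirect_abusers(SAMPLE_LOG).items():
        print(f"{ip}: {info['redirects']}/{info['total']} redirects, "
              f"mostly on {info['top_path']} ({info['top_path_hits']} hits)")
```

The ratio check is what separates a client stuck in a redirect loop from a busy but healthy one: the first client in the sample has a redirect, but half of its requests succeeded, so it is not reported at the default settings.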
