CVE-2025-10569

6.5 MEDIUM

📋 TL;DR

This vulnerability allows authenticated users to cause denial of service by sending specially crafted responses to external API calls in GitLab. It affects GitLab Community Edition and Enterprise Edition installations running vulnerable versions. The attack requires valid user credentials but can disrupt service availability.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: 8.3 to 18.5.4, 18.6 to 18.6.2, 18.7 to 18.7.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with vulnerable versions are affected regardless of configuration.

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...

Learn more about Gitlab →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service unavailability for all users, potentially requiring manual intervention to restore functionality.

🟠

Likely Case

Partial service degradation or temporary unavailability affecting multiple users.

🟢

If Mitigated

Minimal impact with proper rate limiting, monitoring, and authentication controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires authenticated user access but exploitation appears straightforward based on CWE-770 (Allocation of Resources Without Limits or Throttling).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 18.5.5, 18.6.3, or 18.7.1

Vendor Advisory: https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/

Restart Required: Yes

Instructions:

1. Back up your GitLab instance.
2. Update to a patched version using your deployment method (Omnibus, Helm, source).
3. Restart GitLab services.
4. Verify that the update completed successfully.

🔧 Temporary Workarounds

Rate limiting external API responses
Applies to: all
Implement rate limiting on external API endpoints to reduce DoS impact.
# Configure in GitLab application settings or via reverse proxy

Restrict user permissions
Applies to: all
Limit external API access to trusted users only.
# Review and adjust user permissions in Admin Area

🧯 If You Can't Patch

  • Implement strict rate limiting on all external API endpoints
  • Monitor for unusual API response patterns and implement alerting

🔍 How to Verify

Check if Vulnerable:

Check GitLab version via Admin Area or command: sudo gitlab-rake gitlab:env:info

Check Version:

sudo gitlab-rake gitlab:env:info | grep 'GitLab version'

Verify Fix Applied:

Confirm version is 18.5.5+, 18.6.3+, or 18.7.1+ and test external API functionality
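Version triage against the affected and fixed versions listed on this page, as an added example (not from the advisory or from GitLab itself); the host inventory below is constructed.

```python
# Added example: classify GitLab version strings against the affected
# ranges stated in this advisory. Not GitLab's own code.
import re

# Affected ranges from the advisory, as [first affected, first fixed):
#   8.3 .. 18.5.4 (fixed in 18.5.5), 18.6 .. 18.6.2 (fixed in 18.6.3),
#   18.7.0 (fixed in 18.7.1)
AFFECTED_RANGES = [
    ((8, 3, 0), (18, 5, 5)),
    ((18, 6, 0), (18, 6, 3)),
    ((18, 7, 0), (18, 7, 1)),
]


def parse_version(text: str) -> tuple:
    """Pull the first x.y[.z] number out of a string such as '18.5.4-ee'
    or a version line from gitlab-rake output; a missing patch level
    is treated as 0."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(text: str) -> bool:
    """True if the version falls inside any affected range."""
    v = parse_version(text)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def triage(inventory: dict) -> dict:
    """Map host name -> 'patch required' / 'fixed' / 'unparseable'."""
    result = {}
    for host, version_text in inventory.items():
        try:
            result[host] = "patch required" if is_affected(version_text) else "fixed"
        except ValueError:
            result[host] = "unparseable"
    return result


if __name__ == "__main__":
    # Constructed sample inventory (host -> reported version string).
    sample = {
        "git-prod-01": "GitLab version: 18.5.4-ee",
        "git-prod-02": "18.6.3",
        "git-stage-01": "18.7.0",
        "git-legacy": "unknown",
    }
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```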

📡 Detection & Monitoring

Log Indicators:

  • Unusually large external API responses
  • Multiple failed API calls from single user
  • High resource consumption alerts

Network Indicators:

  • Spike in API response sizes
  • Abnormal request patterns to external endpoints

SIEM Query:

source="gitlab" AND ("external_api" OR "api_call") AND response_size>threshold
