CVE-2025-12571

7.5 HIGH (CVSS 3.1; a network-reachable, low-complexity, no-privilege, availability-only vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H scores exactly 7.5)

📋 TL;DR

This vulnerability allows an unauthenticated attacker to cause a denial of service (DoS) in GitLab by sending specially crafted JSON payloads. It affects GitLab Community Edition (CE) and Enterprise Edition (EE) from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1. No account or token is needed, so any instance whose HTTP endpoints are reachable by the attacker can have its availability disrupted.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: 17.10 through 18.4.4 (fixed in 18.4.5; every 18.0 to 18.3 release is inside this range), 18.5.0 through 18.5.2 (fixed in 18.5.3), 18.6.0 (fixed in 18.6.1)
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All self-managed deployments, including Omnibus packages, Docker images and Helm chart installs, are affected if they run a vulnerable version. GitLab.com is patched by the vendor; self-managed operators must upgrade themselves.

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service unavailability for all GitLab users, disrupting code repositories, CI/CD pipelines, and collaboration features until service is restored.

🟠

Likely Case

Temporary service degradation or outages affecting development workflows and operations.

🟢

If Mitigated

Reduced impact with rate limiting, request filtering and network restrictions in place; these contain the blast radius but only the vendor patch removes the defect.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ❌ None known
Weaponized: LIKELY once details spread; denial-of-service bugs of this kind are typically simple to reproduce, but no public PoC or in-the-wild exploitation is recorded here
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The attack needs only a crafted JSON request body sent to an exposed GitLab endpoint; no account, token or prior access is required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 18.4.5, 18.5.3, or 18.6.1

Vendor Advisory: https://about.gitlab.com/releases/2025/11/26/patch-release-gitlab-18-6-1-released/

Restart Required: Yes

Instructions:

1. Take a backup (sudo gitlab-backup create) and separately copy /etc/gitlab, in particular gitlab-secrets.json and gitlab.rb, which the backup archive does not include.
2. Upgrade to the patch release for the branch you are on: 18.4.x to 18.4.5, 18.5.x to 18.5.3, 18.6.0 to 18.6.1. A patch release within the same minor needs no intermediate upgrade steps; moving to a newer minor (for example from 17.10 or 18.2 straight to 18.6.1) must follow GitLab's documented upgrade path. With Omnibus, pin the package to the patch version (for example gitlab-ee 18.4.5-ee.0) so apt/yum does not pull the latest minor by accident.
3. The Omnibus package upgrade runs gitlab-ctl reconfigure and restarts the services itself; run 'sudo gitlab-ctl reconfigure' and 'sudo gitlab-ctl restart' manually only if the package hooks did not complete. Docker deployments pull the patched image tag and recreate the container; Helm chart deployments upgrade to the chart release that ships the patched application version.
4. Verify the running version afterwards (see How to Verify below).

🔧 Temporary Workarounds

Rate Limiting

Applies to: all affected versions

Per-client rate limits reduce how many crafted requests one source can send. This contains the blast radius but does not remove the defect: a single expensive payload can still tie up a Puma worker until the patch is applied.

Where to configure: GitLab's built-in limits under Admin Area > Settings > Network (the unauthenticated web and API request limits cover exactly the traffic this CVE needs), or the bundled nginx through nginx['custom_nginx_config'] (http-level limit_req_zone) and nginx['custom_gitlab_server_config'] (server-level limit_req) in /etc/gitlab/gitlab.rb, followed by gitlab-ctl reconfigure. Behind a load balancer, set nginx['real_ip_trusted_addresses'] and nginx['real_ip_header'] first; otherwise every client shares the balancer's address and one limit bucket.

WAF Rules

Applies to: all affected versions

The advisory does not describe what makes the JSON "specially crafted", so a signature rule for it cannot be written from the public information. What a WAF or reverse proxy can do generically is cap request body size and JSON nesting depth for unauthenticated requests, reject early with 413/429, and log body characteristics (size, depth, source) so the Detection & Monitoring section below has something to correlate. Test any body-size cap against legitimate traffic first: git pushes over HTTP, package registry uploads and CI artifact uploads are large by design.

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to GitLab from untrusted networks
  • Deploy a reverse proxy with request filtering and rate limiting

🔍 How to Verify

Check if Vulnerable:

Check the GitLab version against the affected ranges: 17.10 through 18.4.4 (which includes every 18.0 to 18.3 release), 18.5.0 through 18.5.2, and 18.6.0.

Check Version:

sudo gitlab-rake gitlab:env:info | grep -A1 '^GitLab information'

(A bare grep for 'Version:' also matches the Ruby, Gem, GitLab Shell and Gitaly version lines. On Omnibus, sudo head -1 /opt/gitlab/version-manifest.txt gives the same answer without booting Rails.)

Verify Fix Applied:

Confirm the version is at least 18.4.5 on the 18.4 branch, 18.5.3 on 18.5, 18.6.1 on 18.6, or any later release.
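The check above done as a script, so it can run across a fleet or in a CI job. This is an added example, not code from the advisory or from GitLab. It encodes the affected ranges listed on this page and reads the installed version in the two ways mentioned above. Assumptions: version strings look like "18.4.4" or "18.4.4-ee"; the Omnibus file /opt/gitlab/version-manifest.txt starts with a line such as "gitlab-ee 18.4.4"; and gitlab-rake gitlab:env:info prints a "GitLab information" block whose first "Version:" line is the Rails application version. The SAMPLE_* strings are constructed, not captured output.

```python
"""Version-range check for CVE-2025-12571 (added example, not GitLab's code)."""
import re
import subprocess
import sys

# (first affected, first fixed) per branch, from the advisory text on this page.
AFFECTED_RANGES = (
    ((17, 10, 0), (18, 4, 5)),  # 17.10 .. 18.4.4 (all 18.0-18.3 included); fixed in 18.4.5
    ((18, 5, 0), (18, 5, 3)),   # 18.5.0 .. 18.5.2; fixed in 18.5.3
    ((18, 6, 0), (18, 6, 1)),   # 18.6.0; fixed in 18.6.1
)

# Constructed sample inputs (assumed shapes; not real files).
SAMPLE_MANIFEST = "gitlab-ee 18.4.4\n\nComponent   Installed Version\n"
SAMPLE_ENV_INFO = """\
System information
Ruby Version:\t3.2.8
Gem Version:\t3.6.2

GitLab information
Version:\t18.4.4
Revision:\tabc1234

GitLab Shell
Version:\t14.45.0
"""


def parse_version(text):
    """'18.4.4-ee' -> (18, 4, 4); a missing patch component counts as 0."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"not a GitLab version: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(version):
    """True when the version falls inside one of the affected ranges."""
    v = parse_version(version)
    return any(lo <= v < fix for lo, fix in AFFECTED_RANGES)


def fixed_version_for(version):
    """The patch release that closes the hole on this branch, or None."""
    v = parse_version(version)
    for lo, fix in AFFECTED_RANGES:
        if lo <= v < fix:
            return ".".join(map(str, fix))
    return None


def version_from_manifest(manifest_text):
    """Second token of the first line of version-manifest.txt ('gitlab-ee 18.4.4')."""
    return manifest_text.splitlines()[0].split()[1]


def version_from_env_info(env_info_text):
    """The 'Version:' line that follows 'GitLab information' in env:info output.
    A bare grep for 'Version:' would also match Ruby, Gem, Shell and Gitaly lines."""
    in_block = False
    for line in env_info_text.splitlines():
        if line.startswith("GitLab information"):
            in_block = True
        elif in_block and line.startswith("Version:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("no GitLab version found in env:info output")


def installed_version():
    """Version of the local instance: Omnibus manifest first, rake task as fallback."""
    try:
        with open("/opt/gitlab/version-manifest.txt") as fh:
            return version_from_manifest(fh.read())
    except OSError:
        out = subprocess.run(["sudo", "gitlab-rake", "gitlab:env:info"],
                             capture_output=True, text=True, check=True).stdout
        return version_from_env_info(out)


if __name__ == "__main__":
    v = sys.argv[1] if len(sys.argv) > 1 else installed_version()
    if is_affected(v):
        print(f"{v}: VULNERABLE to CVE-2025-12571, upgrade to {fixed_version_for(v)}")
        sys.exit(1)
    print(f"{v}: not in an affected range")
```

Run it with a version argument to classify a version string, or with no argument on the instance itself. The exit code makes it usable as a gate in automation.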

📡 Detection & Monitoring

Log Indicators:

  • /var/log/gitlab/gitlab-rails/production_json.log: unauthenticated (user_id null) POST/PUT/PATCH requests whose cpu_s or duration_s is far above the endpoint's baseline, or bursts of status 400 from one remote_ip
  • Puma worker timeouts, memory-based worker kills or restarts in /var/log/gitlab/puma/, and 502/504 upstream errors from gitlab-workhorse or nginx at the same time; a request that exhausts a worker may never produce a completed-request line at all
  • Sustained CPU or memory spikes on the Rails nodes that do not line up with a deploy, a backup or a pipeline burst

Network Indicators:

  • Spike in requests with bodies to API or other JSON-accepting endpoints from a small set of sources
  • Request bodies whose size or structure is anomalous against your baseline; only a TLS-terminating proxy or WAF can see this

SIEM Query (Splunk-style, over production_json.log fields; tune the thresholds to your own baseline):

source="*production_json.log" method IN ("POST","PUT","PATCH") (user_id=null OR NOT user_id=*) (status=400 OR cpu_s>2 OR duration_s>5)
| stats count, max(cpu_s) AS max_cpu_s, max(duration_s) AS max_duration_s BY remote_ip, path
| sort - count
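The same triage done offline over a log file, for hosts without a SIEM or for an incident timeline. This is an added example, not code from the advisory or from GitLab. The field names (time, method, path, status, remote_ip, user_id, duration_s, cpu_s) are GitLab's structured-log fields in production_json.log; the thresholds, the sample lines and the paths in them are constructed assumptions, and the advisory does not name the vulnerable endpoint, so the paths are placeholders rather than the trigger.

```python
"""Triage production_json.log for the CVE-2025-12571 pattern (added example)."""
import json
import sys
from collections import defaultdict

# Constructed sample lines shaped like production_json.log; not real traffic.
# The 58 s request from 203.0.113.7 models a body that pins a Puma worker until
# the request times out; the 400s model rejected bodies from the same source.
SAMPLE_LOG = """\
{"time":"2025-11-27T10:00:01.000Z","method":"POST","path":"/api/v4/example","status":400,"remote_ip":"203.0.113.7","user_id":null,"duration_s":0.02,"cpu_s":0.01}
{"time":"2025-11-27T10:00:02.000Z","method":"POST","path":"/api/v4/example","status":400,"remote_ip":"203.0.113.7","user_id":null,"duration_s":0.02,"cpu_s":0.01}
{"time":"2025-11-27T10:00:03.000Z","method":"POST","path":"/api/v4/example","status":500,"remote_ip":"203.0.113.7","user_id":null,"duration_s":58.4,"cpu_s":57.9}
{"time":"2025-11-27T10:00:04.000Z","method":"GET","path":"/api/v4/version","status":200,"remote_ip":"198.51.100.2","user_id":42,"duration_s":0.05,"cpu_s":0.02}
{"time":"2025-11-27T10:00:05.000Z","method":"PUT","path":"/api/v4/projects/1","status":200,"remote_ip":"198.51.100.2","user_id":42,"duration_s":9.0,"cpu_s":0.3}
this line is not JSON and must be skipped
"""

WRITE_METHODS = {"POST", "PUT", "PATCH"}  # methods that carry a request body


def parse_log(text):
    """Yield parsed entries, skipping non-JSON lines (rotation noise, tracebacks)."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("{"):
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def classify(entry, cpu_threshold=2.0, duration_threshold=5.0):
    """Label one entry, or return None for out-of-scope or benign ones.
    Only unauthenticated requests with a body are in scope for this CVE."""
    if entry.get("user_id") is not None or entry.get("method") not in WRITE_METHODS:
        return None
    cpu = entry.get("cpu_s") or 0.0
    duration = entry.get("duration_s") or 0.0
    if cpu >= cpu_threshold or duration >= duration_threshold:
        return "expensive_unauth_body"   # the DoS signature: one body, lots of worker time
    if entry.get("status") == 400:
        return "rejected_body"           # probing / malformed bodies from the same source
    return None


def triage(text, **thresholds):
    """Per-source-IP counts of each label, e.g. {'203.0.113.7': {'rejected_body': 2, ...}}."""
    counts = defaultdict(lambda: defaultdict(int))
    for entry in parse_log(text):
        label = classify(entry, **thresholds)
        if label:
            counts[entry.get("remote_ip", "?")][label] += 1
    return {ip: dict(c) for ip, c in counts.items()}


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    ranked = sorted(triage(text).items(), key=lambda kv: -sum(kv[1].values()))
    for ip, labels in ranked:
        print(ip, labels)
```

Pass the log path as the argument; with no argument it runs over the constructed sample. The authenticated PUT in the sample is slow but is ignored on purpose: the CVE needs no credentials, so authenticated traffic is noise for this hunt, and a request that kills the worker outright will be missing here and only visible in the Puma and Workhorse logs.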
