CVE-2025-1908

7.7 HIGH

📋 TL;DR

This vulnerability in GitLab EE/CE allows attackers to track users' browsing activities through a flaw that could lead to full account takeover. It affects all GitLab instances running vulnerable versions, potentially exposing user sessions and sensitive data.

💻 Affected Systems

Products:
  • GitLab Community Edition
  • GitLab Enterprise Edition
Versions: All versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects both self-managed and GitLab.com instances. No special configuration required for exploitation.

📦 What is this software?

Gitlab by Gitlab

GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full account takeover leading to unauthorized access to repositories, source code, CI/CD pipelines, and sensitive organizational data.

🟠 Likely Case: User session hijacking and unauthorized access to private repositories and project data.

🟢 If Mitigated: Limited exposure of user activity patterns without direct account compromise.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires some user interaction but can be automated. The HackerOne report suggests active exploitation vectors.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 17.9.7, 17.10.5, or 17.11.1

Vendor Advisory: https://gitlab.com/gitlab-org/gitlab/-/issues/523065

Restart Required: Yes

Instructions:

1. Back up your GitLab instance.
2. Update to GitLab 17.9.7, 17.10.5, or 17.11.1 using your package manager.
3. Restart GitLab services.
4. Verify the update completed successfully.

🔧 Temporary Workarounds

Restrict User Access (scope: all)

Limit user permissions and implement strict access controls to reduce attack surface.

Network Segmentation (scope: all)

Isolate GitLab instances from untrusted networks and implement strict firewall rules.

🧯 If You Can't Patch

  • Implement strict network access controls and monitor for suspicious user activity patterns.
  • Enable enhanced logging and implement session timeout policies to limit exposure windows.

🔍 How to Verify

Check if Vulnerable:

Check GitLab version via Admin Area or run: sudo gitlab-rake gitlab:env:info | grep 'Version:'

Check Version:

sudo gitlab-rake gitlab:env:info | grep 'Version:'

Verify Fix Applied:

Confirm the running version is 17.9.7, 17.10.5, or 17.11.1 or higher on its release line, then test user session behavior.

📡 Detection & Monitoring

Log Indicators:

  • Unusual session patterns
  • Multiple failed login attempts from same IP
  • Unexpected user agent changes

Network Indicators:

  • Abnormal API request patterns
  • Suspicious redirect sequences
  • Unexpected cross-origin requests

SIEM Query:

source="gitlab" AND (event="session_hijack" OR event="unauthorized_access")
