VDB
CVE-2025-11042
CVE-2025-11042
PUBLISHED
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) condition while using specific GraphQL queries.
EPSS 0.10% · 27.4th percentile
Risk Scores
EPSS Score
0.10%
27.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 17.2.0, 18.3.0, 18.4.0 |
| Bitnami | gitlab | 18.3.0, 18.4.0, 17.2.0 |
Exploit Intelligence
- GitLab Issue #550374 (circl)
Timeline
- Jan 21, 1970 Security Advisory
- Sep 26, 2025 EPSS Score
- Sep 26, 2025 CVE Published
- Sep 29, 2025 CVE Updated
- Oct 3, 2025 EPSS Score
- Oct 3, 2025 Coalition ESS Score
- Oct 6, 2025 Coalition ESS Score
- Oct 10, 2025 EPSS Score
- Oct 16, 2025 EPSS Score
- Oct 23, 2025 EPSS Score
- Oct 30, 2025 EPSS Score
- Nov 6, 2025 EPSS Score