VDB

CVE-2025-11042

CVE-2025-11042 PUBLISHED

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) condition while using specific GraphQL queries.

EPSS 0.10% · 27.4th percentile

Risk Scores

EPSS Score
0.10%
27.4th percentile

Affected Products

VendorProductVersions
Bitnamigitlab17.2.0, 18.3.0, 18.4.0
Bitnamigitlab18.3.0, 18.4.0, 17.2.0

Exploit Intelligence

Timeline

  • Jan 21, 1970 Security Advisory
  • Sep 26, 2025 EPSS Score
  • Sep 26, 2025 CVE Published
  • Sep 29, 2025 CVE Updated
  • Oct 3, 2025 EPSS Score
  • Oct 3, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 10, 2025 EPSS Score
  • Oct 16, 2025 EPSS Score
  • Oct 23, 2025 EPSS Score
  • Oct 30, 2025 EPSS Score
  • Nov 6, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›