CVE-2025-8014 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-8014 PUBLISHED

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resource exhaustion and service disruption.

EPSS 0.14% · 34.6th percentile

Risk Scores

EPSS Score

0.14%

34.6th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	11.10.0, 18.3.0, 18.4.0
Bitnami	gitlab	11.10.0, 18.3.0, 18.4.0

Timeline

Sep 26, 2025 CVE Published
Sep 28, 2025 EPSS Score
Oct 1, 2025 CVE Updated
Oct 4, 2025 EPSS Score
Oct 10, 2025 EPSS Score
Oct 16, 2025 EPSS Score
Oct 23, 2025 EPSS Score
Oct 29, 2025 EPSS Score
Nov 4, 2025 EPSS Score
Nov 10, 2025 EPSS Score
Nov 16, 2025 EPSS Score
Nov 22, 2025 EPSS Score

References

Open in Interactive Console →