VDB
NCSC-2025-367
NCSC-2025-367
PUBLISHED
CVSS 7.800000190734863 HIGH
GitLab has addressed a vulnerability in its CE/EE versions that allowed authenticated attackers to exploit specially crafted markdown content, potentially leading to a denial of service.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| GitLab | vers:unknown/* | |
| Open Source | vers:unknown/* |
Timeline
- Nov 18, 2025 CVE Published
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
- Mar 20, 2026 Security Advisory
References
- https://advisories.ncsc.nl/csaf/v2/2025/ncsc-2025-0367.json advisory
- https://about.gitlab.com/releases/2025/11/12/patch-release-gitlab-18-5-2-released/ advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-55549.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-11224.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-11865.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-11990.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-12983.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-24855.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-2615.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6171.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6945.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7000.json advisory
- https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7736.json advisory