A critical security advisory (CIVN‑2025‑0135) from CERT‑In warns that several high-severity vulnerabilities in GitLab Community and Enterprise editions could let attackers execute cross-site scripting (XSS), cause denial-of-service (DoS), bypass access controls, and steal sensitive data. Admins must update to protected versions without delay.
What You Need to Know
CERT‑In highlighted these key risks in GitLab versions prior to 18.0.2, 17.11.4, and 17.10.8:
- HTML injection (CVE‑2025‑4278) in search pages enables account takeover via injected code
- XSS vulnerability (CVE‑2025‑2254) in snippet viewer allows script execution in users’ browser sessions
- Authorization bypass (CVE‑2025‑5121) affects Ultimate EE, enabling attackers to inject malicious CI/CD jobs
- Multiple DoS and information disclosure flaws, including CVE‑2025‑0673, CVE‑2025‑1516, CVE‑2025‑1478, and CVE‑2025‑5996
These flaws carry high CVSS scores (up to 8.7), indicating serious potential impact on integrity, confidentiality, and availability.
Patched Versions Now Available
GitLab released updates on June 11, 2025, issuing patched versions 18.0.2, 17.11.4, and 17.10.8 to fix the high-severity flaws. On June 25, additional fixes arrived in 18.0.3, 17.11.5, and 18.1.1, resolving further DoS, access-control, and elevation-of-privilege issues.
GitLab strongly recommends upgrading all self‑managed CE and EE installations. Hosted GitLab.com and Dedicated instances already run patched versions.
Urgent Patching Required for All GitLab Users
Security firm Tenable confirmed that the HTML injection flaw (CVE‑2025‑4278) allows attackers to take over accounts remotely in vulnerable versions.
CERT‑EU classified some of the issues as high severity, urging prompt mitigation.
GitLab is widely used, including by Fortune 100 firms, to handle source code, CI/CD workflows, and sensitive data. Unpatched systems risk full account compromise, unauthorized pipeline operations, data leaks, and denial-of-service.
Recommended Actions
- Upgrade immediately to at least version 18.0.2, 17.11.4, or 17.10.8.
- Consider later patch releases (18.0.3, 17.11.5, 18.1.1) for added fixes.
- Audit CI/CD pipelines, access logs, and user permissions post-update.
- Enable two-factor authentication and follow GitLab’s security best practices.
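The first recommended action is easier to carry out across a fleet when the patched floors from the advisory are encoded once and checked against every self-managed instance. The following triage script is an added example, not GitLab's or CERT-In's code; the hostnames and version strings in it are constructed, and it assumes that branches older than 17.10 received no fix here (so they simply need upgrading) and that branches newer than 18.0 postdate the June 11 fixes.

```python
"""Flag self-managed GitLab instances below the patched floors named in
CERT-In advisory CIVN-2025-0135 (18.0.2, 17.11.4, 17.10.8)."""

# Minimum safe patch release per supported minor branch, from the advisory.
PATCHED_FLOORS = {
    (18, 0): (18, 0, 2),
    (17, 11): (17, 11, 4),
    (17, 10): (17, 10, 8),
}
OLDEST_PATCHED_BRANCH = min(PATCHED_FLOORS)  # (17, 10)
NEWEST_PATCHED_BRANCH = max(PATCHED_FLOORS)  # (18, 0)


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'X.Y.Z' (optionally with a '-ee'/'-ce' suffix) into integers."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'unsupported-branch'.

    Assumption: branches older than 17.10 got no fix in this advisory, so
    they are reported as unsupported (upgrade required); branches newer
    than 18.0 postdate the June 11 fixes and are treated as patched.
    """
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch < OLDEST_PATCHED_BRANCH:
        return "unsupported-branch"
    if branch > NEWEST_PATCHED_BRANCH:
        return "patched"
    return "patched" if (major, minor, patch) >= PATCHED_FLOORS[branch] else "vulnerable"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group hosts (name -> version string) by assessment result."""
    groups: dict[str, list[str]] = {"patched": [], "vulnerable": [], "unsupported-branch": []}
    for host, version in sorted(inventory.items()):
        groups[assess(version)].append(host)
    return groups


if __name__ == "__main__":
    # Constructed sample inventory: hypothetical hostnames and versions.
    sample = {"git-prod-01": "18.0.1-ee", "git-prod-02": "18.0.3-ee",
              "git-dev-01": "17.11.3-ce", "git-legacy-01": "17.9.2-ce"}
    for status, hosts in triage(sample).items():
        print(f"{status:20s} {', '.join(hosts) or '-'}")
```

Hosts reported as vulnerable or unsupported-branch are the ones that still need the upgrade from the first bullet; the script only reads version strings you already collect, so it fits into an existing inventory job.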
About the author – Ayush Chaurasia is a postgraduate student passionate about cybersecurity, threat hunting, and global affairs. He explores the intersection of technology, psychology, national security, and geopolitics through insightful writing.