CVE-2025-12571 – Allocation of Resources Without Limits or Throttling in GitLab

CVE ID : CVE-2025-12571

Published : Nov. 26, 2025, 7:46 p.m. | 36 minutes ago

Description : GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a Denial of Service condition by sending specifically crafted requests containing malicious JSON payloads.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…