CVE-2025-2934 – Allocation of Resources Without Limits or Throttling in GitLab

CVE ID : CVE-2025-2934

Published : Oct. 9, 2025, 12:15 p.m. | 22 minutes ago

Description : GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTTP responses.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…