GitLab Releases Critical Security Patches for Authentication Bypass and DoS Vulnerabilities

Urgent GitLab security updates fix critical vulnerabilities, including credential theft and server crashes. Update now to protect your systems.

By Content Team

Nov 28, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

GitLab has released urgent security updates across versions 18.6.1, 18.5.3, and 18.4.5 to fix multiple high-severity vulnerabilities affecting both Community and Enterprise editions.

The most dangerous flaw, CVE-2024-9183, exploits a race condition in CI/CD caches that lets authenticated attackers steal credentials from higher-privileged users. CVE-2025-12571 allows unauthenticated attackers to crash GitLab servers with malicious JSON requests, potentially taking entire development workflows offline.

A third vulnerability, CVE-2025-12653, enables unauthorized users to bypass security checks and join organizations by manipulating request headers. GitLab.com is already patched, but administrators running self-managed installations must upgrade immediately to prevent exploitation.

Source: CyberSecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical Net-SNMP Flaw Threatens Network Infrastructure Worldwide

Dec 25, 2025

Substack Confirms Data Breach Affecting 700,000 Users After Hacker Leaks Information

Feb 6, 2026

TfL Hack Affected 10 Million People in One of Britain's Biggest Data Breaches

Mar 11, 2026

Hasbro Hit by Cyberattack, Affecting Peppa Pig and Transformers Operations

Apr 4, 2026