Security vulnerabilities in GitLab: Attackers can take over accounts

Patches close several vulnerabilities in GitLab Community Edition and Enterprise Edition. The developers recommend a quick update.


The GitLab software development platform is vulnerable. Several vulnerabilities put systems at risk. After successful attacks, attackers can, among other things, gain control over accounts and gain unauthorized access to data.

According to a security advisory, the developers have closed a total of ten vulnerabilities in GitLab Community Edition and Enterprise Edition. Although there are currently no reports of ongoing attacks, the developers recommend that admins install the secured versions on their self-managed installations immediately. They state that the repaired editions are already running on GitLab.com.

If this is not done, attackers can hijack accounts (CVE-2025-4278 “high”), execute their own code (CVE-2025-2254 “high”) and take systems out of service via DoS attacks (such as CVE-2025-0673 “high”). Attackers can also access information that should be restricted (CVE-2025-5195 “medium”). It is not yet clear how such attacks could take place. It is also currently unknown which indicators admins can use to identify systems that have already been attacked.

The developers state that they have fixed the vulnerabilities in versions 17.10.8, 17.11.4 and 18.0.2. They have also fixed several bugs in the current versions, which are listed in the security advisory. The security vulnerabilities were discovered internally.


In recent months, the developers have, among other things, secured GitLab against attacks in which demoted admins retained far-reaching rights.

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.