CVE-2025-12664 – GitLab

CVSS 7.5 IMPORTANT

“When your development platform slows to a halt, productivity and security both take a hit.”

GitLab released a security update to address a vulnerability that could allow attackers to trigger a denial-of-service condition, disrupting normal operations. The issue affects how GitLab processes certain requests, potentially causing system slowdown or unavailability. CVE-2025-12664 has a CVSS score of 7.5, which is High severity. This makes it a significant risk for organizations relying on GitLab for continuous integration and collaboration.

No verified real-world exploitation or proof-of-concept code has been confirmed. However, service disruption in development pipelines can lead to operational delays and impact software delivery timelines. The patch improves request handling and system stability to prevent abuse.

Key Details

Affected Product: GitLab GitLab
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-1284