GitLab Security Update – Patch for Multiple Vulnerabilities in Community and Enterprise Edition


GitLab has released critical security patches addressing multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with versions 18.2.1, 18.1.3, and 18.0.5 now available for immediate deployment. 

The release includes fixes for six distinct security vulnerabilities, including two high-severity cross-site scripting (XSS) issues that pose significant risks to Kubernetes proxy functionality. 

Key Takeaways
1. GitLab fixed 6 vulnerabilities including 2 high-severity XSS flaws in latest versions.
2. The two XSS flaws affect the Kubernetes proxy (CVSS 8.7 and 7.7, both rated High).
3. Self-managed installations must upgrade immediately.

These patches represent a coordinated response to vulnerabilities discovered through GitLab’s HackerOne bug bounty program, with immediate action strongly recommended for all self-managed installations.


Kubernetes Proxy Vulnerabilities

The most severe vulnerabilities addressed in this patch cycle involve cross-site scripting attacks targeting GitLab's Kubernetes proxy functionality.

CVE-2025-4700, rated with a CVSS score of 8.7, affects the Kubernetes proxy feature and could potentially allow authenticated attackers to trigger unintended content rendering, leading to XSS under specific circumstances. 

The vulnerability impacts all GitLab CE/EE versions from 15.10 up to, but not including, the patched releases (18.2.1, 18.1.3, and 18.0.5).

Additionally, CVE-2025-4439 addresses a related XSS issue specifically affecting instances served through content delivery networks (CDNs), carrying a CVSS score of 7.7. 

Both vulnerabilities were discovered by security researcher joaxcar through the HackerOne platform, highlighting the effectiveness of GitLab’s bug bounty program in identifying critical security flaws.

Information Disclosure and Access Control Issues

Four medium-severity vulnerabilities complete the security patch roster, each carrying CVSS scores of 4.3. 

CVE-2025-7001 addresses an exposure of sensitive information issue affecting resource_group API access, while CVE-2025-4976 specifically impacts GitLab Enterprise Edition users by fixing improper access control to internal notes in GitLab Duo responses. 

The remaining vulnerabilities, CVE-2025-0765 and CVE-2025-1299, address unauthorized access to custom service desk email addresses and deployment job logs, respectively. 

These vulnerabilities collectively demonstrate the comprehensive security review undertaken by GitLab’s security team, with researchers iamgk808, rogerace, and pwnie contributing to the discovery process through responsible disclosure.

| CVE | Title | CVSS 3.1 Score | Severity |
|---|---|---|---|
| CVE-2025-4700 | Cross-site scripting issue impacts Kubernetes Proxy in GitLab CE/EE | 8.7 | High |
| CVE-2025-4439 | Cross-site scripting issue impacts Kubernetes Proxy in GitLab CE/EE using CDNs | 7.7 | High |
| CVE-2025-7001 | Exposure of Sensitive Information to an Unauthorized Actor issue impacts GitLab CE/EE | 4.3 | Medium |
| CVE-2025-4976 | Improper Access Control issue impacts GitLab EE | 4.3 | Medium |
| CVE-2025-0765 | Exposure of Sensitive Information to an Unauthorized Actor issue impacts GitLab CE/EE | 4.3 | Medium |
| CVE-2025-1299 | Improper Access Control issue impacts GitLab CE/EE | 4.3 | Medium |

GitLab strongly recommends immediate upgrading to the latest patch versions, emphasizing that GitLab.com is already running the patched versions, while GitLab Dedicated customers require no action. 
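For administrators of self-managed instances, the practical question is whether a given installed version falls inside the affected range the advisory describes for CVE-2025-4700 (from 15.10 up to, but not including, 18.2.1, 18.1.3, or 18.0.5). The following script is an added example, not code from GitLab or from this article: it parses a GitLab version string (for example the value returned by the authenticated GET /api/v4/version endpoint, or the package version on the host) and reports whether the instance is patched, vulnerable, or outside the affected range. The hostnames and versions in SAMPLE_INVENTORY are constructed for illustration, and the treatment of branches newer than 18.2 as carrying the fix is an assumption, not something the advisory states.

```python
# Added example (not GitLab's own code): classify a self-managed GitLab
# version against the advisory's stated range for CVE-2025-4700.
from __future__ import annotations

import re
from typing import Dict, List, Tuple

# Fixed releases named in the advisory, keyed by (major, minor) branch.
FIXED_RELEASES: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (18, 2): (18, 2, 1),
    (18, 1): (18, 1, 3),
    (18, 0): (18, 0, 5),
}

# First affected version per the advisory ("from 15.10").
FIRST_AFFECTED: Tuple[int, int, int] = (15, 10, 0)

# Accepts "18.2.1", "18.2.1-ee", "18.2.1-ce", "18.3.0-pre" and similar.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-[\w.]+)?$")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR[.PATCH][-suffix]' into a comparable tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def assess(version_text: str) -> str:
    """Return 'not_affected', 'patched' or 'vulnerable' for CVE-2025-4700."""
    v = parse_version(version_text)
    if v < FIRST_AFFECTED:
        return "not_affected"
    fixed = FIXED_RELEASES.get((v[0], v[1]))
    if fixed is not None:
        # Branch has a named fixed release: compare the patch level.
        return "patched" if v >= fixed else "vulnerable"
    # Branch not listed. Assumption (not stated in the advisory): anything
    # newer than the newest fixed release carries the fix. Older branches
    # (15.10 through 17.x) received no fixed release and must be upgraded.
    newest_fixed = max(FIXED_RELEASES.values())
    return "patched" if v > newest_fixed else "vulnerable"


def hosts_needing_upgrade(inventory: Dict[str, str]) -> List[str]:
    """Return the hostnames whose version is still vulnerable, sorted."""
    return sorted(host for host, ver in inventory.items() if assess(ver) == "vulnerable")


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY: Dict[str, str] = {
    "gitlab-prod.example.internal": "18.2.0-ee",
    "gitlab-staging.example.internal": "18.2.1-ee",
    "gitlab-legacy.example.internal": "17.8.1-ce",
    "gitlab-archive.example.internal": "15.9.8-ce",
}

if __name__ == "__main__":
    for host, ver in SAMPLE_INVENTORY.items():
        print(f"{host:36} {ver:12} {assess(ver)}")
    print("needs upgrade:", hosts_needing_upgrade(SAMPLE_INVENTORY))
```

The check is deliberately per-branch: 18.1.3 is patched even though it is numerically lower than the vulnerable 18.2.0, so a plain "newer is safer" comparison would misclassify it. The advisory gives the affected range only for CVE-2025-4700; the other five CVEs in this release are fixed in the same three versions, so a host reported as vulnerable here needs the upgrade regardless.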

The company maintains a twice-monthly scheduled release cycle on the second and fourth Wednesdays, with additional ad-hoc critical patches for high-severity vulnerabilities, as this release demonstrates.

Security vulnerability details will be publicly disclosed on GitLab’s issue tracker 30 days post-release, maintaining transparency while allowing adequate time for system administrators to implement necessary patches.
