Thursday, April 16, 2026

GitLab Security Patch – Fixes for Multiple Vulnerabilities in Community and Enterprise Editions

GitLab has released critical security patches for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities that could potentially compromise user data and system security.

The company strongly urges all self-managed GitLab installations to upgrade immediately to the newly released versions 18.2.1, 18.1.3, or 18.0.5.

The security update addresses six distinct vulnerabilities, with two classified as high severity and four as medium severity. The vulnerabilities include:

High Severity Issues:

  • CVE-2025-4700 (CVSS 8.7) – Cross-site scripting vulnerability affecting GitLab’s Kubernetes proxy feature that could allow attackers to trigger unintended content rendering leading to XSS under specific circumstances.
  • CVE-2025-4439 (CVSS 7.7) – Related XSS vulnerability affecting instances served through certain content delivery networks.

Medium Severity Issues:

  • CVE-2025-7001 (CVSS 4.3) – Unauthorized access to resource group information through APIs.
  • CVE-2025-4976 (CVSS 4.3) – Potential access to internal notes in GitLab Duo responses for Enterprise Edition users.
  • CVE-2025-0765 (CVSS 4.3) – Exposure of custom service desk email addresses to unauthorized users.
  • CVE-2025-1299 (CVSS 4.3) – Unauthorized reading of deployment job logs through crafted requests.

Both XSS vulnerabilities impact all GitLab versions from 15.10 onwards, affecting a substantial portion of the user base.

Security researcher joaxcar, who reported both high-severity issues through GitLab’s HackerOne bug bounty program, identified flaws that could potentially allow authenticated users to execute malicious scripts.


GitLab emphasizes that GitLab.com is already running the patched version, and GitLab Dedicated customers require no action.

However, organizations running self-managed GitLab instances face immediate security risks and must prioritize updates.

The company maintains its commitment to security transparency by making vulnerability details public on their issue tracker 30 days after patches are released.

The patches also include numerous bug fixes across all three versions. Notable improvements include fixes for double-path issues in COM_REGISTRY, S3 compatibility enhancements for non-AWS providers, and various improvements to GitLab’s Agentic Chat functionality.

Version 18.1.3 addresses Elasticsearch URL configuration issues and branch loading problems in group merge request lists.

Security Best Practices

GitLab follows a structured patch release schedule, typically releasing fixes twice monthly on the second and fourth Wednesdays.

However, critical security vulnerabilities like these trigger ad-hoc releases to ensure rapid protection for users. The company’s security FAQ and releases handbook provide comprehensive guidance for maintaining secure GitLab installations.

Organizations should immediately assess their current GitLab versions and plan upgrade schedules. GitLab recommends upgrading to the latest patch release for supported versions as a fundamental security hygiene practice.
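To turn the advisory's version list into a repeatable check, the following added example (not GitLab's code and not part of the original article) classifies an installed self-managed version against the fixed releases 18.2.1, 18.1.3 and 18.0.5 and the 15.10 lower bound for the XSS issues. It assumes, as an unverified convention, that branches newer than 18.2 already carry the fixes.

```python
"""Classify a self-managed GitLab version against the patched releases in this advisory."""
from typing import Tuple

# Fixed releases named in the advisory, keyed by (major, minor) release branch.
FIXED = {(18, 0): (18, 0, 5), (18, 1): (18, 1, 3), (18, 2): (18, 2, 1)}
# Earliest branch affected by the two XSS issues (CVE-2025-4700, CVE-2025-4439).
XSS_FIRST_AFFECTED = (15, 10)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse strings such as '18.1.2', '18.1.2-ee' or '18.1.2-ce.0' into (major, minor, patch)."""
    core = text.strip().split("-", 1)[0]  # drop packaging suffixes like -ee or -ce.0
    parts = core.split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])


def patch_status(text: str) -> str:
    """Return a short verdict: patched, which release to upgrade to, or out of advisory scope."""
    version = parse_version(text)
    branch = version[:2]
    if branch in FIXED:
        fixed = FIXED[branch]
        if version >= fixed:
            return "patched"
        return "upgrade to " + ".".join(map(str, fixed))
    if branch > max(FIXED):
        # Assumption: branches released after 18.2 include these fixes; confirm in release notes.
        return "newer than advisory; verify against GitLab's release notes"
    if branch >= XSS_FIRST_AFFECTED:
        # 15.10 up to 17.x: in the XSS-affected range and not a branch that received a patch.
        return "affected, no patch for this branch; upgrade to 18.0.5 or later"
    return "older than 15.10: XSS not listed, but branch is unsupported; upgrade"


if __name__ == "__main__":
    # Constructed sample inputs; a real instance's version can be read from the
    # /api/v4/version endpoint or `gitlab-rake gitlab:env:info`.
    for sample in ("18.2.1-ee", "18.1.2", "18.0.5-ce.0", "17.11.0", "15.9.0"):
        print(f"{sample:>12}: {patch_status(sample)}")
```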

The update process varies depending on deployment type (omnibus, source code, helm chart), but all deployment methods are affected by these vulnerabilities.

System administrators can access detailed update instructions through GitLab’s official documentation, with specific guidance for GitLab Runner updates also available.

Given the high severity of the XSS vulnerabilities and their potential impact on user data security, delays in applying these patches could expose organizations to significant security risks.


Ethan Brooks
Ethan Brooks is a Senior cybersecurity journalist passionate about threat intelligence and data privacy. His work highlights cyber attacks, hacking, security culture, and cybercrime with The Cyber News.
