CVE-2025-3601

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-3601

Severity

Unknown

Description

An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service (DoS) condition by submitting URLs that generate excessively large responses.

References

https://images.chainguard.dev/security/CGA-25gq-59jc-9p78
https://github.com/advisories/GHSA-v8g6-hvf8-9cwq
https://images.chainguard.dev/security/CGA-gx84-9q3q-g984
https://images.chainguard.dev/security/CGA-h65q-m4mj-497w
https://images.chainguard.dev/security/CGA-pv2w-qx46-rmvj
https://gitlab.com/gitlab-org/gitlab/-/issues/536034
https://hackerone.com/reports/3050155

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2025-3601

Severity

Description

References

Affected packages

Product

Solutions

Customers

Resources

Company