{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12664", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2025-11-03T21:04:44.240Z", "datePublished": "2026-04-08T22:26:42.854Z", "dateUpdated": "2026-04-09T13:03:53.739Z"}, "containers": {"cna": {"title": "Improper Validation of Specified Quantity in Input in GitLab", "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries."}], "affected": [{"vendor": "GitLab", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "versions": [{"version": "13.0", "status": "affected", "lessThan": "18.8.9", "versionType": "semver"}, {"version": "18.9", "status": "affected", "lessThan": "18.9.5", "versionType": "semver"}, {"version": "18.10", "status": "affected", "lessThan": "18.10.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-1284: Improper Validation of Specified Quantity in Input", "cweId": "CWE-1284", "type": "CWE"}]}], "references": [{"url": "https://hackerone.com/reports/3377091", "name": "HackerOne Bug Bounty Report #3377091", "tags": ["technical-description", "exploit", "permissions-required"]}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/579376"}, {"url": "https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.8.9, 18.9.5, 18.10.3 or above."}], "credits": [{"lang": "en", "value": "Thanks [foxribeye](https://hackerone.com/foxribeye) for reporting this vulnerability through our HackerOne bug bounty program", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-04-08T22:26:42.854Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T13:03:46.881882Z", "id": "CVE-2025-12664", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T13:03:53.739Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12664", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-09T13:03:46.881882Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T13:03:50.824Z"}}], "cna": {"title": "Improper Validation of Specified Quantity in Input in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "Thanks [foxribeye](https://hackerone.com/foxribeye) for reporting this vulnerability through our HackerOne bug bounty program"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "13.0", "lessThan": "18.8.9", "versionType": "semver"}, {"status": "affected", "version": "18.9", "lessThan": "18.9.5", "versionType": "semver"}, {"status": "affected", "version": "18.10", "lessThan": "18.10.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.8.9, 18.9.5, 18.10.3 or above."}], "references": [{"url": "https://hackerone.com/reports/3377091", "name": "HackerOne Bug Bounty Report #3377091", "tags": ["technical-description", "exploit", "permissions-required"]}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/579376"}, {"url": "https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/"}], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "CWE-1284: Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-04-08T22:26:42.854Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12664", "state": "PUBLISHED", "dateUpdated": "2026-04-09T13:03:53.739Z", "dateReserved": "2025-11-03T21:04:44.240Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2026-04-08T22:26:42.854Z", "assignerShortName": "GitLab"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries."}], "id": "CVE-2025-12664", "lastModified": "2026-04-08T23:16:56.200", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2026-04-08T23:16:56.200", "references": [{"source": "cve@gitlab.com", "url": "https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/"}, {"source": "cve@gitlab.com", "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/579376"}, {"source": "cve@gitlab.com", "url": "https://hackerone.com/reports/3377091"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "cve@gitlab.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[13.0,18.8.9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[18.9,18.9.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[18.10,18.10.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "inferred", "scores": [{"score": 100.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "GitLab", "source": "cna", "vendor": "GitLab"}, "product": "gitlab", "vendor": "gitlab"}], "analysis": {"en": {"generated_at": "2026-04-08T23:51:16.149072+00:00", "value": {"mitigation_remediation": ["Upgrade to GitLab 18.8.9, 18.9.5, 18.10.3 or later, which contain the fix.", "Restrict unauthenticated access to the GraphQL endpoint by applying firewall or gateway rules.", "Configure rate limiting on GraphQL traffic to reduce the volume of requests a single host can send.", "Monitor system logs for repeated GraphQL queries and investigate anomalous patterns.", "Regularly check GitLab\u2019s security advisories for updates."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "This issue affects GitLab Community and Enterprise Editions. All releases version 13.0 through 18.8.8, 18.9.0 through 18.9.4, and 18.10.0 through 18.10.2 are susceptible. Versions 18.8.9, 18.9.5, 18.10.3, and later releases are not affected.", "description_and_impact": "The flaw lies in the way GitLab processes requests to its GraphQL API. The system accepts input specifying a quantity but does not adequately validate the value. When this quantity is used, it causes the server to perform operations that consume significant processing resources. Because no authentication is required to send these requests, an attacker can repeatedly send them, leading to a state in which the server cannot respond to legitimate traffic, effectively turning the service into a denial of service. The weakness is catalogued as CWE\u20111284.", "risk_and_exploitability": "The CVSS base score for the vulnerability is 7.5, indicating high severity. No EPSS data is presently available, and the defect is not yet listed in the CISA KEV catalog. Attackers can target the vulnerable systems by sending unverified GraphQL queries over the network, so authenticated access is not necessary. Because the flaw allows repeated requests to overload the server, the exploitation condition is readily met for reachable installations, making the risk significant for organizations still running the affected versions."}}}}, "created": "2026-04-09T08:16:07.431731+00:00", "updated": "2026-04-09T08:25:33.403313+00:00", "vendors": ["gitlab", "gitlab$PRODUCT$gitlab"]}