7.5
CVE-2025-0673
- EPSS 0.52%
- Veröffentlicht 12.06.2025 11:03:28
- Zuletzt bearbeitet 08.08.2025 18:21:04
- Quelle cve@gitlab.com
- CVE-Watchlists
- Unerledigt
Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2, allow an attacker to trigger an infinite redirect loop, potentially leading to a denial of service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.396 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cve@gitlab.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://gitlab.com/gitlab-org/gitlab/-/issues/514732
https://hackerone.com/reports/2936949