Today, we are releasing versions 18.5.2, 18.4.4, 18.3.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).
These versions contain important bug and security fixes, and we strongly recommend that all self-managed GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version. GitLab Dedicated customers do not need to take action.
GitLab releases fixes for vulnerabilities in patch releases. There are two types of patch releases: scheduled releases and ad-hoc critical patches for high-severity vulnerabilities. Scheduled releases are released twice a month on the second and fourth Wednesdays. For more information, please visit our releases handbook and security FAQ. You can see all of GitLab release blog posts here.
For security fixes, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched.
We are committed to ensuring that all aspects of GitLab that are exposed to customers or that host customer data are held to the highest security standards. To maintain good security hygiene, it is highly recommended that all customers upgrade to the latest patch release for their supported version. You can read more best practices in securing your GitLab instance in our blog post.
Recommended Action
We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible.
When no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, it means all types are affected.
Security fixes
Table of security fixes
CVE-2025-11224 - Cross-site scripting issue in k8s proxy impacts GitLab CE/EE
GitLab has remediated an issue that, under certain conditions, could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality.
Impacted Versions: GitLab CE/EE: all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 7.7 (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N)
Thanks joaxcar for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-11865 - Incorrect Authorization issue in workflows impacts GitLab EE
GitLab has remediated an issue that, under certain circumstances, could have allowed a user to remove Duo flows of another user.
Impacted Versions: GitLab EE: all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
This vulnerability has been discovered internally by GitLab team member Dylan Griffith.
CVE-2025-2615 - Information Disclosure issue in GraphQL subscriptions impacts GitLab CE/EE
GitLab has remediated an issue that could have allowed a blocked user to access sensitive information by establishing GraphQL subscriptions through WebSocket connections.
Impacted Versions: GitLab CE/EE: all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Thanks rogerace for reporting this vulnerability through our HackerOne bug bounty program.
CVE-2025-7000 - Information Disclosure issue in access control impacts GitLab CE/EE
GitLab has remdiated an issue in GitLab CE/EE that under specific conditions, could have allowed unauthorized users to view confidential branch names by accessing project issues with related merge requests.
Impacted Versions: GitLab CE/EE: all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Thanks weasterhacker for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-6945 - Prompt Injection issue in GitLab Duo review impacts GitLab EE
GitLab has remediated an issue that could have allowed an authenticated user to leak sensitive information from confidential issues by injecting hidden prompts in merge request comments.
Impacted Versions: GitLab EE: all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 3.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)
Thanks rogerace for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-11990 - Client Side Path Traversal issue in branch names impacts GitLab EE
GitLab has remediated an issue that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses.
Impacted Versions: GitLab EE: all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 3.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)
Thanks swiftee for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-6171 - Information Disclosure issue in packages API endpoint impacts GitLab CE/EE
GitLab has remediated an issue that could have allowed an authenticated user with reporter access to view branch names and pipeline details by accessing the packages API endpoint even when repository access was disabled.
Impacted Versions: GitLab CE/EE: all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 3.1 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
Thanks iamgk808 for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-7736 - Improper Access Control issue in GitLab Pages impacts GitLab CE/EE
GitLab has remediated an issue that could have allowed an authenticated user to bypass access control restrictions and view GitLab Pages content intended only for project members by authenticating through OAuth providers.
Impacted Versions: GitLab CE/EE: all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 3.1 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
Thanks mateuszek for reporting this vulnerability through our HackerOne bug bounty program
CVE-2025-12983 - Denial of service issue in markdown impacts GitLab CE/EE
GitLab has remediated an issue that could have allowed an authenticated user to cause a denial of service condition by submitting specially crafted markdown content with nested formatting patterns.
Impacted Versions: GitLab CE/EE: all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2
CVSS 3.1 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)
Thanks phli for reporting this vulnerability through our HackerOne bug bounty program
### libxslt security updates
libxslt has been updated to version 1.1.43 which contains fixes for security vulnerabilities including CVE-2024-55549 and CVE-2025-24855
Bug fixes
18.5.2
- [18.5] Backport of "Rails: Add explicit ClickHouse check skip"
- Backport of 'rf-disable-sec-attribute-feature-flags'
- Backport E2E test: fix create project web ui 18-5
- 18.5 Backport of 'Fix query for finding existing Jira issues for vulnerabilities'
- Backport of 'Filter out group-level rules from details page'
- [18.5] Reduce cached SQL queries in
/api/v4/internal/pagesendpoint - [18.5] Update dependency openssl to v3.3.2
- Update dependency simplecov-cobertura to v3
- Backport of Fix password validation exception for FIPS
- Backport of 'Fix admin_project_member policy for SAML projects related to user namespaces'
- Backport of 'Web Agentic Chat: fix calling workflowGoal on undefined'
- [Backport 18.5] Turn off Duo core widget for self-managed
- Backport of 'Fix status mapping evaluation for non-persisted current status records'
- [18.5] Upgrade Rack to 2.2.20
- Backport of Elastic rake tasks projects_not_indexed and index_projects_status could be confusing
- Backport of 'Add deleted Geo migration back'
- Backport of Allow Legacy FIPS instances to Upgrade Oauth secerets
- Backport of Zoekt Exclude forks and Include archived filters in the cache key
- [Backport 18.5] Clear tracking queues when recreating index from scratch
- [18.5 Backport] Delete failed reindexing indexes created over 30 days ago
- Backport of 'Fix redirect loop in Gitea rate limit`
- [18.5 Backport] Set http_continue_timeout to nil for s3 client
- [18.5] Fix background migration when Ghost user is missing
- Backport Support Jira Cloud and Server issue fetching
- [18.5] Fix test failure by adjusting dates to match partition range
- Backport 'Revert merge trains changes to getState GraphQL query'
- Backport 'Update merge request widget polling timeout intervals'
- [18.5] Downgrade Zeitwerk to 2.6.18
- [Backport/18.5] of Fix instance bbm for mishandled nil verification token
- Fix NGINX not routing traffic to the right server
- [18.5] Uninstall rexml 3.4.0 and ensure 3.4.4 is used
- Update redis to v7.2.11
- Bump eventmachine-tail gem to version 0.6.6
- [18.5] Upgrade Rack to 2.2.20
18.4.4
- [18.4] Backport of "Rails: Add explicit ClickHouse check skip"
- [18.4] Reduce cached SQL queries in
/api/v4/internal/pagesendpoint - [18.4] Update dependency openssl to v3.3.2
- Backports branch 'tachyons-remove-ff-sha512-oauth' into 'master'
- [18.4] Update rexml to v3.4.4
- Backport of Fix password validation exception for FIPS
- Backport of 'Fix admin_project_member policy for SAML projects related to user namespaces'
- [Backport 18.4] Turn off Duo core widget for self-managed
- [18.4] Upgrade Rack to 2.2.20
- Backport of Elastic rake tasks projects_not_indexed and index_projects_status could be confusing
- Backport of 'Add deleted Geo migration back'
- Backport of 'Fix: prevent duplicate '?' in Download directory URL (use '&' for extra params)'
- Backport of Allow Legacy FIPS instances to Upgrade Oauth secrets
- Backport of 'Fix redirect loop in Gitea rate limit'
- [18.4 Backport] Set http_continue_timeout to nil for s3 client
- Backport of Update Jira integration to use token-based pagination and Support Jira Cloud and Server issue fetching
- Backport 'Revert merge trains changes to getState GraphQL query'
- Backport of Zoekt Exclude forks and Include archived filters in the cache key
- Backport 'Update merge request widget polling timeout intervals'
- [Backport/18.4] of Fix instance bbm for mishandled nil verification token
- [18.4] Uninstall rexml 3.4.0 and ensure 3.4.4 is used
- Update redis to v7.2.11
- [18.4] Upgrade Rack to 2.2.20
18.3.6
- [18.3] Reduce cached SQL queries in
/api/v4/internal/pagesendpoint - [18.3] Update dependency openssl to v3.3.2
- [18.3] Update rexml to v3.4.4
- [18.3] Upgrade Rack to 2.2.20
- [18.3 Backport] Set http_continue_timeout to nil for s3 client
- Backport of 'Fix redirect loop in Gitea rate limit'
- Backport of Update Jira integration to use token-based pagination and Support Jira Cloud and Server issue fetching
- [18.3] Uninstall rexml 3.4.0 and ensure 3.4.4 is used
- Update redis to v7.2.11
- [18.3] Upgrade Rack to 2.2.20
Important notes on upgrading
This patch includes database migrations that may impact your upgrade process.
Impact on your installation:
- Single-node instances: This patch will cause downtime during the upgrade as migrations must complete before GitLab can start.
- Multi-node instances: With proper zero-downtime upgrade procedures, this patch can be applied without downtime.
Post-deploy migrations
The following versions include post-deploy migrations that can run after the upgrade:
- 18.5.2
- 18.4.4
To learn more about the impact of upgrades on your installation, see:
- Zero-downtime upgrades for multi-node deployments
- Standard upgrades for single-node installations
Updating
To update GitLab, see the Update page. To update Gitlab Runner, see the Updating the Runner page.
Receive Patch Notifications
To receive patch blog notifications delivered to your inbox, visit our contact us page. To receive release notifications via RSS, subscribe to our patch release RSS feed or our RSS feed for all releases.
We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum.
Share your feedback