CVE-2025-0290

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:enterprise:*:*:*

History

05 Aug 2025, 20:45

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:17.7.0:*:*:*:community:*:*:*
First Time Gitlab gitlab
Gitlab
References () https://gitlab.com/gitlab-org/gitlab/-/issues/372134 - () https://gitlab.com/gitlab-org/gitlab/-/issues/372134 - Broken Link
Summary
  • (es) Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones a partir de la 15.0 anterior a la 17.5.5, de la 17.6 anterior a la 17.6.3 y de la 17.7 anterior a la 17.7.1. En determinadas condiciones, el procesamiento de metadatos de artefactos de CI podría provocar que los trabajos en segundo plano dejaran de responder.

28 Jan 2025, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-01-28 09:15

Updated : 2025-08-05 20:45


NVD link : CVE-2025-0290

Mitre link : CVE-2025-0290

CVE.ORG link : CVE-2025-0290


JSON object : View

Products Affected

gitlab

  • gitlab
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

NVD-CWE-noinfo