GitLab Releases Critical Security Patches Addressing Multiple Vulnerabilities

GitLab has issued critical security updates for its Community Edition (CE) and Enterprise Edition (EE), releasing versions 18.2.1, 18.1.3, and 18.0.5. These updates address six distinct security vulnerabilities, including two high-severity cross-site scripting (XSS) flaws in the Kubernetes proxy feature.

Key Vulnerabilities Addressed:

1. Cross-Site Scripting (XSS) in Kubernetes Proxy (CVE-2025-4700): This vulnerability, with a CVSS score of 8.7, affects the Kubernetes proxy feature. Authenticated attackers could exploit this flaw to trigger unintended content rendering, leading to XSS under specific conditions. All GitLab CE/EE versions from 15.10 up to, but not including, the patched releases are affected.

2. XSS in Kubernetes Proxy via CDNs (CVE-2025-4439): Rated with a CVSS score of 7.7, this issue specifically affects instances served through content delivery networks (CDNs). Similar to CVE-2025-4700, it allows for XSS attacks under certain circumstances.

3. Exposure of Sensitive Information (CVE-2025-7001): This medium-severity vulnerability (CVSS score of 4.3) involves the resource_group API, where sensitive information could be exposed to unauthorized actors.

4. Improper Access Control in GitLab EE (CVE-2025-4976): Also with a CVSS score of 4.3, this flaw pertains to internal notes in GitLab Duo responses, where improper access control could lead to unauthorized access.

5. Unauthorized Access to Custom Service Desk Email Addresses (CVE-2025-0765): This vulnerability allows unauthorized actors to access custom service desk email addresses, posing a risk of information disclosure.

6. Unauthorized Access to Deployment Job Logs (CVE-2025-1299): This issue involves improper access control, potentially allowing unauthorized access to deployment job logs.

Discovery and Reporting:

These vulnerabilities were identified through GitLab’s HackerOne bug bounty program, with contributions from security researchers joaxcar, iamgk808, rogerace, and pwnie. Their responsible disclosures have been instrumental in GitLab’s efforts to enhance platform security.

Recommendations for Users:

GitLab strongly recommends that all self-managed installations upgrade to the latest patched versions—18.2.1, 18.1.3, or 18.0.5—immediately to mitigate potential security risks. GitLab.com is already running the patched versions, and GitLab Dedicated customers do not need to take action.
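A fleet-triage check for the upgrade guidance above, written as an added example here (it is not GitLab's own tooling). It assumes version strings in the form GitLab reports them, such as `18.2.0-ee` from the authenticated `GET /api/v4/version` endpoint, and uses a constructed sample inventory rather than real hosts:

```python
"""Triage GitLab version strings against the 18.2.1 / 18.1.3 / 18.0.5 patch releases."""
import re
from typing import Tuple

Version = Tuple[int, int, int]

# Patched release per supported minor branch, taken from the advisory summarised above.
FIXED_BY_BRANCH = {
    (18, 2): (18, 2, 1),
    (18, 1): (18, 1, 3),
    (18, 0): (18, 0, 5),
}
# Earliest version the advisory lists as affected by the Kubernetes proxy XSS (CVE-2025-4700).
FIRST_AFFECTED: Version = (15, 10, 0)
LATEST_FIXED: Version = max(FIXED_BY_BRANCH.values())


def parse_version(raw: str) -> Version:
    """Parse strings such as '18.2.0-ee' or '18.1.3'; the -ee/-ce suffix is ignored."""
    match = re.match(r"^(\d+)\.(\d+)\.(\d+)", raw.strip())
    if not match:
        raise ValueError(f"unrecognised GitLab version string: {raw!r}")
    return (int(match.group(1)), int(match.group(2)), int(match.group(3)))


def fmt(version: Version) -> str:
    return ".".join(str(part) for part in version)


def assess(raw: str) -> str:
    """Return 'patched' or the release the instance should be moved to."""
    version = parse_version(raw)
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is not None:                      # one of the three patched branches
        return "patched" if version >= fixed else f"upgrade to {fmt(fixed)}"
    if version > LATEST_FIXED:                 # a newer branch released after these patches
        return "patched"
    if version < FIRST_AFFECTED:               # older than the stated affected range
        return f"predates stated affected range for CVE-2025-4700; move to {fmt(LATEST_FIXED)}"
    return f"unpatched branch; upgrade to {fmt(LATEST_FIXED)}"


if __name__ == "__main__":
    # Constructed sample inventory (hostname -> version string); not real hosts.
    inventory = {"ci-01": "18.2.0-ee", "ci-02": "18.1.3-ce", "ci-03": "17.11.2-ee", "ci-04": "18.0.6-ee"}
    for host, reported in inventory.items():
        print(f"{host:6} {reported:12} -> {assess(reported)}")
```

Instances on branches older than 18.0 have no patched release in their own line, so the check points them at the newest patched version rather than reporting them as fixed.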

Conclusion:

By addressing these vulnerabilities promptly, GitLab demonstrates its commitment to maintaining a secure platform for its users. Organizations utilizing GitLab should prioritize these updates to safeguard their development environments against potential exploits.