CVE-2025-10868
LOWDescription
An issue has been discovered in GitLab CE/EE affecting all versions from 17.4 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 where certain string conversion methods exhibit performance degradation with large inputs.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
References
Other References
Frequently Asked Questions
What is CVE-2025-10868? +
How severe is CVE-2025-10868? +
What products are affected by CVE-2025-10868? +
How do I check if I'm vulnerable to CVE-2025-10868? +
Related Vulnerabilities
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.
An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading …
Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
EXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.