Introduction
A recently patched input validation flaw in GitLab's Duo Workflows API allows any unauthenticated remote attacker to force unbounded resource allocation on the server, resulting in a complete Denial of Service condition. With a CVSS 3.1 score of 7.5 and zero authentication requirements, this vulnerability represents a meaningful risk to every internet facing, self managed GitLab instance running versions 18.5 through the latest unpatched releases.
Technical Information
Root Cause: Unbounded Resource Allocation (CWE-770)
The vulnerability is rooted in the Duo Workflows API, a feature first introduced in GitLab version 18.5. The core issue is that the API endpoint accepts incoming JSON payloads without performing adequate validation on their size or structure. This maps directly to CWE-770: Allocation of Resources Without Limits or Throttling.
When a request arrives at the Duo Workflows API, the server parses and processes the JSON body. Because no bounds checking or resource consumption limits existed prior to the patch, an attacker could craft a JSON payload designed to force the server into allocating excessive memory or CPU resources. The result is service degradation or a complete denial of service for all users of the GitLab instance.
CVSS Breakdown
The full CVSS 3.1 vector string is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, which breaks down as follows:
- Attack Vector (Network): The vulnerability is exploitable remotely over the internet.
- Attack Complexity (Low): No advanced exploitation techniques or specific timing conditions are required.
- Privileges Required (None): The attacker does not need an account or any level of authentication to trigger the exploit.
- User Interaction (None): The exploit can be executed entirely without the involvement of a legitimate user.
- Scope (Unchanged): The impact is confined to the vulnerable component itself.
- Confidentiality / Integrity (None): No data is leaked or modified.
- Availability (High): The availability of the GitLab service can be completely compromised.
Attack Flow
Based on the available advisory information, the exploitation path follows a straightforward sequence:
- The attacker identifies a GitLab instance exposed to the network (no authentication or reconnaissance of user accounts is needed).
- The attacker crafts a specially structured JSON payload designed to trigger excessive resource allocation when parsed by the Duo Workflows API endpoint.
- The attacker sends this payload to the Duo Workflows API. Because the endpoint does not require authentication, the request is accepted and processed.
- The server begins allocating memory or processing resources in response to the malicious payload. Without any cap or throttle, this allocation continues until the server's resources are exhausted.
- The GitLab instance becomes unresponsive or crashes, denying service to all legitimate users.
The specific endpoint paths and proof of concept payloads remain undisclosed. The associated HackerOne report (#3446641) and GitLab work item (#584490) are both currently restricted from public view. Per GitLab's standard disclosure policy, the issue details will be made public on their issue tracker 30 days after the patch release.
Patch Information
GitLab addressed CVE-2025-14870 in a coordinated patch release published on May 13, 2026, shipping three fixed versions across supported release branches: 18.11.3, 18.10.6, and 18.9.7.
The core of the fix involves introducing proper input validation and resource consumption limits on the Duo Workflows API endpoint. Before the patch, specially crafted JSON payloads sent to this API could force the server to allocate memory or processing resources without any cap, leading to service degradation or outright denial of service. The remediation adds bounds checking and validation logic so that oversized or maliciously structured JSON bodies are rejected before they can trigger excessive resource consumption.
The vulnerability was introduced in GitLab version 18.5, the release that first shipped the Duo Workflows API, and affected all subsequent versions up to (but not including) the patched releases. The three fixed versions map to the three currently supported GitLab release trains:
| Release Branch | Vulnerable Versions | Fixed Version |
|---|---|---|
| 18.11.x | 18.11.0 through 18.11.2 | 18.11.3 |
| 18.10.x | 18.10.0 through 18.10.5 | 18.10.6 |
| 18.9.x and older | 18.5.0 through 18.9.6 | 18.9.7 |
The specific code changes are not publicly visible at this time: the associated GitLab work item remains private, and the HackerOne report is also restricted.
GitLab.com was already updated to the patched version at the time of disclosure, and GitLab Dedicated customers required no action. Self managed installations should upgrade to one of the three fixed versions immediately. The vulnerability was originally reported by security researcher a92847865 through GitLab's HackerOne bug bounty program.
Affected Systems and Versions
The vulnerability affects GitLab Community Edition (CE) and Enterprise Edition (EE) across the following version ranges:
- All versions from 18.5.0 up to (but not including) 18.9.7
- All versions from 18.10.0 up to (but not including) 18.10.6
- All versions from 18.11.0 up to (but not including) 18.11.3
The vulnerable component is the Duo Workflows API, which was first introduced in version 18.5. Any GitLab instance (self managed) running a version within these ranges and exposing the Duo Workflows API to network traffic is affected. GitLab.com (SaaS) and GitLab Dedicated instances have already been patched by GitLab and require no customer action.
Vendor Security History
GitLab maintains a public bug bounty program through HackerOne, operational since 2018. The vendor uses a public CVSS calculator to determine bounty payouts, which reach up to $1000 for critical and high severity reports upon triage. While general DoS attacks are typically out of scope for GitLab's bug bounty program, the vendor explicitly makes exceptions for application layer DoS vulnerabilities that achieve persistent total service disruption and can be executed through unauthenticated endpoints. The acceptance and remediation of CVE-2025-14870 aligns with this updated policy, reflecting GitLab's willingness to address high impact availability threats even when they fall into a category many bounty programs exclude.
References
- NVD: CVE-2025-14870
- CVE Record: CVE-2025-14870
- GitLab Patch Release: 18.11.3, 18.10.6, 18.9.7
- GitLab Release Announcement
- GitLab Work Item #584490 (restricted)
- HackerOne Report #3446641 (restricted)
- GitLab Bug Bounty Program Policy Updates
- GitLab on HackerOne
- CWE-770: Allocation of Resources Without Limits or Throttling



