{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:58:49.192","vulnerabilities":[{"cve":{"id":"CVE-2025-13436","sourceIdentifier":"cve@gitlab.com","published":"2026-03-25T17:16:27.163","lastModified":"2026-03-26T18:28:49.180","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to cause a denial of service due to excessive resource consumption when handling certain CI-related inputs."},{"lang":"es","value":"GitLab ha remediado un problema en GitLab CE/EE que afecta a todas las versiones desde la 13.7 antes de la 18.8.7, la 18.9 antes de la 18.9.3, y la 18.10 antes de la 18.10.1 que podría haber permitido a un usuario autenticado causar una denegación de servicio debido al consumo excesivo de recursos al manejar ciertas entradas relacionadas con CI."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"13.7.0","versionEndExcluding":"18.8.7","matchCriteriaId":"946B195B-BD75-4727-B507-E8C9B53F3B15"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"13.7.0","versionEndExcluding":"18.8.7","matchCriteriaId":"99CF3B34-E11C-47C7-8F9D-188BF5CB5BB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.3","matchCriteriaId":"96F7E7EC-4C2E-4A48-8134-9262B251C89C"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.9.0","versionEndExcluding":"18.9.3","matchCriteriaId":"C3240349-67A3-43E2-BAD9-EFAA3E0A5D31"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:18.10.0:*:*:*:community:*:*:*","matchCriteriaId":"D5B6ECC9-6AEA-4DD0-B12B-A3A7A9FE91DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:18.10.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"2B8DF779-B99E-4096-B734-78AB1849D136"}]}]}],"references":[{"url":"https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/","source":"cve@gitlab.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/581372","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3418149","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}