Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 956

All 956 CVE vulnerabilities found in GitLab, with AI-generated Chinese analysis, references, and POCs.

Vendor: GitLab

CVE IDTitleCVSSSeverityPublished
CVE-2024-4597 Cross-Site Request Forgery (CSRF) in GitLab CWE-352 5.7 Medium2024-05-09
CVE-2024-4024 Authentication Bypass by Assumed-Immutable Data in GitLab CWE-302 7.3 High2024-04-25
CVE-2024-4006 Incorrect Authorization in GitLab CWE-863 4.3 Medium2024-04-25
CVE-2024-1347 Authentication Bypass by Spoofing in GitLab CWE-290 4.3 Medium2024-04-25
CVE-2024-2434 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab CWE-22 8.5 High2024-04-25
CVE-2024-2829 Inefficient Regular Expression Complexity in GitLab CWE-1333 7.5 High2024-04-25
CVE-2023-6489 Inefficient Regular Expression Complexity in GitLab CWE-1333 4.3 Medium2024-04-12
CVE-2023-6678 Inefficient Regular Expression Complexity in GitLab CWE-1333 4.3 Medium2024-04-12
CVE-2024-2279 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab CWE-79 8.7 High2024-04-12
CVE-2024-3092 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab CWE-79 8.7 High2024-04-12
CVE-2023-6371 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab CWE-79 8.7 High2024-03-28
CVE-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab CWE-770 4.3 Medium2024-03-28
CVE-2024-0199 Incorrect Authorization in GitLab CWE-863 7.7 High2024-03-07
CVE-2024-1299 Privilege Chaining in GitLab CWE-268 6.5 Medium2024-03-07
CVE-2023-4895 Missing Authorization in GitLab CWE-862 4.3 Medium2024-02-22
CVE-2023-6477 Incorrect Privilege Assignment in GitLab CWE-266 6.7 Medium2024-02-21
CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab CWE-841 7.7 High2024-02-21
CVE-2024-1451 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab CWE-79 8.7 High2024-02-21
CVE-2024-1525 Authentication Bypass Using an Alternate Path or Channel in GitLab CWE-288 5.3 Medium2024-02-21
CVE-2024-0861 Direct Request ('Forced Browsing') in GitLab CWE-425 4.3 Medium2024-02-21
CVE-2023-3509 Incorrect Authorization in GitLab CWE-863 3.7 Low2024-02-21
CVE-2024-1250 Privilege Chaining in GitLab CWE-268 6.5 Medium2024-02-12
CVE-2023-6564 Incorrect Authorization in GitLab CWE-863 6.5 Medium2024-02-08
CVE-2023-6736 Inefficient Regular Expression Complexity in GitLab CWE-1333 6.5 Medium2024-02-07
CVE-2023-6840 Missing Authorization in GitLab CWE-862 6.7 Medium2024-02-07
CVE-2024-1066 Allocation of Resources Without Limits or Throttling in GitLab CWE-770 6.5 Medium2024-02-07
CVE-2023-5612 Missing Authorization in GitLab CWE-862 5.3 Medium2024-01-26
CVE-2023-6159 Inefficient Regular Expression Complexity in GitLab CWE-1333 6.5 Medium2024-01-26
CVE-2023-5933 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab CWE-80 6.4 Medium2024-01-26
CVE-2024-0456 Direct Request ('Forced Browsing') in GitLab CWE-425 4.3 Medium2024-01-26

All 956 known CVE vulnerabilities affecting GitLab with full Chinese analysis, references, and POCs where available.