GitLab — Vulnerabilities & Security Advisories (956)

All 956 CVE vulnerabilities found in GitLab, with AI-generated Chinese analysis, references, and POCs.

Vendor: GitLab

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-2242 | Incorrect Authorization in GitLab | CWE-863 | 7.5 | High | 2025-03-27 |
| CVE-2025-2255 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | CWE-79 | 8.7 | High | 2025-03-27 |
| CVE-2024-7296 | Incorrect Authorization in GitLab | CWE-863 | 2.7 | Low | 2025-03-13 |
| CVE-2025-1257 | Allocation of Resources Without Limits or Throttling in GitLab | CWE-770 | 6.5 | Medium | 2025-03-13 |
| CVE-2024-8402 | Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab | CWE-77 | 3.7 | Low | 2025-03-13 |
| CVE-2024-12380 | Generation of Error Message Containing Sensitive Information in GitLab | CWE-209 | 4.4 | Medium | 2025-03-13 |
| CVE-2024-13054 | Allocation of Resources Without Limits or Throttling in GitLab | CWE-770 | 6.5 | Medium | 2025-03-13 |
| CVE-2025-0652 | Incorrect Authorization in GitLab | CWE-863 | 4.3 | Medium | 2025-03-13 |
| CVE-2025-2045 | Incorrect Authorization in GitLab | CWE-863 | 4.3 | Medium | 2025-03-06 |
| CVE-2025-1540 | Incorrect Authorization in GitLab | CWE-863 | 3.1 | Low | 2025-03-06 |
| CVE-2025-0555 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | CWE-79 | 7.7 | High | 2025-03-03 |
| CVE-2024-10925 | Authorization Bypass Through User-Controlled Key in GitLab | CWE-639 | 5.3 | Medium | 2025-03-03 |
| CVE-2025-0475 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | CWE-79 | 8.7 | High | 2025-03-03 |
| CVE-2024-8186 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | CWE-79 | 5.4 | Medium | 2025-03-03 |
| CVE-2024-3303 | Improper Neutralization of Input Used for LLM Prompting in GitLab | CWE-1427 | 6.4 | Medium | 2025-02-13 |
| CVE-2025-1198 | Insufficient Session Expiration in GitLab | CWE-613 | 4.2 | Medium | 2025-02-13 |
| CVE-2024-7102 | Execution with Unnecessary Privileges in GitLab | CWE-250 | 9.6 | Critical | 2025-02-13 |
| CVE-2024-8266 | Execution with Unnecessary Privileges in GitLab | CWE-250 | 4.4 | Medium | 2025-02-13 |
| CVE-2024-9870 | Unintended Proxy or Intermediary ('Confused Deputy') in GitLab | CWE-441 | 4.3 | Medium | 2025-02-12 |
| CVE-2025-0516 | Incorrect Authorization in GitLab | CWE-863 | 4.3 | Medium | 2025-02-12 |
| CVE-2024-12379 | Allocation of Resources Without Limits or Throttling in GitLab | CWE-770 | 6.5 | Medium | 2025-02-12 |
| CVE-2025-0376 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | CWE-79 | 8.7 | High | 2025-02-12 |
| CVE-2025-1212 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab | CWE-497 | 4.3 | Medium | 2025-02-12 |
| CVE-2025-1042 | Files or Directories Accessible to External Parties in GitLab | CWE-552 | 4.9 | Medium | 2025-02-12 |
| CVE-2025-1072 | Allocation of Resources Without Limits or Throttling in GitLab | CWE-770 | 6.5 | Medium | 2025-02-07 |
| CVE-2024-2878 | Allocation of Resources Without Limits or Throttling in GitLab | CWE-770 | 7.5 | High | 2025-02-05 |
| CVE-2024-3976 | Missing Authorization in GitLab | CWE-862 | 6.5 | Medium | 2025-02-05 |
| CVE-2024-5528 | Incomplete Comparison with Missing Factors in GitLab | CWE-1023 | 3.5 | Low | 2025-02-05 |
| CVE-2024-9631 | Inefficient Algorithmic Complexity in GitLab | CWE-407 | 7.5 | High | 2025-02-05 |
| CVE-2024-6356 | Incorrect User Management in GitLab | CWE-286 | 4.4 | Medium | 2025-02-05 |

All 956 known CVE vulnerabilities affecting GitLab with full Chinese analysis, references, and POCs where available.