Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GitLab:GitLabGitLab CE/EEGitLab Community and Enterprise EditionsGitLab EEGitLab Runnergitlab-vscode-extensionDASTGitLab Community Edition and GitLab Enterprise EditionGitalyGitLab PagesDAST API scannerGitLab DAST API scannerGitLab VSCode ForkGitLab Language ServerGitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2024-2454 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2024-05-09
CVE-2024-2651 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 6.5 Medium2024-05-09
CVE-2024-4539 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 4.3 Medium2024-05-09
CVE-2024-4597 Cross-Site Request Forgery (CSRF) in GitLab — GitLabCWE-352 5.7 Medium2024-05-09
CVE-2024-4024 Authentication Bypass by Assumed-Immutable Data in GitLab — GitLabCWE-302 7.3 High2024-04-25
CVE-2024-4006 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2024-04-25
CVE-2024-1347 Authentication Bypass by Spoofing in GitLab — GitLabCWE-290 4.3 Medium2024-04-25
CVE-2024-2434 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab — GitLabCWE-22 8.5 High2024-04-25
CVE-2024-2829 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 7.5 High2024-04-25
CVE-2023-6489 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 4.3 Medium2024-04-12
CVE-2023-6678 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 4.3 Medium2024-04-12
CVE-2024-2279 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2024-04-12
CVE-2024-3092 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2024-04-12
CVE-2023-6371 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2024-03-28
CVE-2024-2818 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 4.3 Medium2024-03-28
CVE-2024-0199 Incorrect Authorization in GitLab — GitLabCWE-863 7.7 High2024-03-07
CVE-2024-1299 Privilege Chaining in GitLab — GitLabCWE-268 6.5 Medium2024-03-07
CVE-2023-4895 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2024-02-22
CVE-2023-6477 Incorrect Privilege Assignment in GitLab — GitLabCWE-266 6.7 Medium2024-02-21
CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab — GitLabCWE-841 7.7 High2024-02-21
CVE-2024-1451 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2024-02-21
CVE-2024-1525 Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLabCWE-288 5.3 Medium2024-02-21
CVE-2024-0861 Direct Request ('Forced Browsing') in GitLab — GitLabCWE-425 4.3 Medium2024-02-21
CVE-2023-3509 Incorrect Authorization in GitLab — GitLabCWE-863 3.7 Low2024-02-21
CVE-2024-1250 Privilege Chaining in GitLab — GitLabCWE-268 6.5 Medium2024-02-12
CVE-2023-6564 Incorrect Authorization in GitLab — GitLabCWE-863 6.5 Medium2024-02-08
CVE-2023-6736 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 6.5 Medium2024-02-07
CVE-2023-6840 Missing Authorization in GitLab — GitLabCWE-862 6.7 Medium2024-02-07
CVE-2024-1066 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2024-02-07
CVE-2023-5612 Missing Authorization in GitLab — GitLabCWE-862 5.3 Medium2024-01-26

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.