Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GitLab:GitLabGitLab CE/EEGitLab Community and Enterprise EditionsGitLab EEGitLab Runnergitlab-vscode-extensionDASTGitLab Community Edition and GitLab Enterprise EditionGitalyGitLab PagesDAST API scannerGitLab DAST API scannerGitLab VSCode ForkGitLab Language ServerGitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2025-6186 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-08-13
CVE-2025-7739 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-08-13
CVE-2025-7734 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-08-13
CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab — GitLabCWE-639 6.5 Medium2025-08-13
CVE-2025-8279 Missing Authentication for Critical Function in GitLab Language Server — GitLab Language ServerCWE-306 8.7 High2025-07-28
CVE-2025-0765 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2025-07-24
CVE-2025-1299 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2025-07-24
CVE-2025-4976 Exposure of Sensitive Information Due to Incompatible Policies in GitLab — GitLabCWE-213 4.3 Medium2025-07-24
CVE-2025-7001 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 4.3 Medium2025-07-24
CVE-2025-4439 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 7.7 High2025-07-23
CVE-2025-4700 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-07-23
CVE-2025-3396 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2025-07-10
CVE-2025-4972 Incorrect Authorization in GitLab — GitLabCWE-863 2.7 Low2025-07-10
CVE-2025-6168 Incorrect Authorization in GitLab — GitLabCWE-863 2.7 Low2025-07-10
CVE-2025-6948 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-07-10
CVE-2025-1754 Missing Authentication for Critical Function in GitLab — GitLabCWE-306 5.3 Medium2025-06-26
CVE-2025-2938 Business Logic Errors in GitLab — GitLabCWE-840 3.1 Low2025-06-26
CVE-2025-3279 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-06-26
CVE-2025-5315 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2025-06-26
CVE-2025-5846 Missing Authorization in GitLab — GitLabCWE-862 2.7 Low2025-06-26
CVE-2023-5600 Missing Authorization in GitLab — GitLabCWE-862 3.1 Low2025-06-20
CVE-2024-4994 Cross-Site Request Forgery (CSRF) in GitLab — GitLabCWE-352 8.1 High2025-06-20
CVE-2024-4025 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 6.5 Medium2025-06-20
CVE-2025-2443 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-06-20
CVE-2025-5121 Missing Authorization in GitLab — GitLabCWE-862 8.5 High2025-06-20
CVE-2024-7586 Insertion of Sensitive Information into Log File in GitLab — GitLabCWE-532 4.1 Medium2025-06-20
CVE-2025-5982 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 3.7 Low2025-06-12
CVE-2024-9512 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab — GitLabCWE-367 5.3 Medium2025-06-12
CVE-2025-0673 Loop with Unreachable Exit Condition ('Infinite Loop') in GitLab — GitLabCWE-835 7.5 High2025-06-12
CVE-2025-5195 Authorization Bypass Through User-Controlled Key in GitLab — GitLabCWE-639 4.3 Medium2025-06-12

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.