Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GitLab:GitLabGitLab CE/EEGitLab Community and Enterprise EditionsGitLab EEGitLab Runnergitlab-vscode-extensionDASTGitLab Community Edition and GitLab Enterprise EditionGitalyGitLab PagesDAST API scannerGitLab DAST API scannerGitLab VSCode ForkGitLab Language ServerGitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2025-1478 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-06-12
CVE-2025-1516 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-06-12
CVE-2025-2254 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-06-12
CVE-2025-4278 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab — GitLabCWE-80 8.7 High2025-06-12
CVE-2025-5996 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-06-12
CVE-2025-1763 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 8.7 High2025-05-30
CVE-2024-7803 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-05-23
CVE-2024-9163 User Interface (UI) Misrepresentation of Critical Information in GitLab — GitLabCWE-451 3.5 Low2025-05-23
CVE-2024-12093 Improper Validation of Consistency within Input in GitLab — GitLabCWE-1288 6.8 Medium2025-05-22
CVE-2025-0605 Weak Authentication in GitLab — GitLabCWE-1390 4.6 Medium2025-05-22
CVE-2025-0679 Exposure of Private Personal Information to an Unauthorized Actor in GitLab — GitLabCWE-359 4.3 Medium2025-05-22
CVE-2025-0993 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 7.5 High2025-05-22
CVE-2025-1110 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 2.7 Low2025-05-22
CVE-2025-2853 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-05-22
CVE-2025-3111 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-05-22
CVE-2025-4979 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 4.9 Medium2025-05-22
CVE-2024-8973 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-05-09
CVE-2025-0549 Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLabCWE-288 6.8 Medium2025-05-09
CVE-2025-1278 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 5.3 Medium2025-05-09
CVE-2024-12244 Missing Authorization in GitLab — GitLabCWE-862 4.3 Medium2025-04-24
CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-04-24
CVE-2025-1908 Business Logic Errors in GitLab — GitLabCWE-840 7.7 High2025-04-24
CVE-2025-0362 Improper Restriction of Rendered UI Layers or Frames in GitLab — GitLabCWE-1021 6.4 Medium2025-04-10
CVE-2025-2469 Debug Messages Revealing Unnecessary Information in GitLab — GitLabCWE-1295 3.7 Low2025-04-10
CVE-2024-11129 Generation of Error Message Containing Sensitive Information in GitLab — GitLabCWE-209 6.3 Medium2025-04-10
CVE-2025-1677 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 6.5 Medium2025-04-10
CVE-2025-2408 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 5.3 Medium2025-04-10
CVE-2024-10307 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 4.3 Medium2025-03-28
CVE-2024-12619 Insufficient Granularity of Access Control in GitLab — GitLabCWE-1220 5.2 Medium2025-03-28
CVE-2025-2867 Improper Control of Generation of Code ('Code Injection') in GitLab — GitLabCWE-94 4.4 Medium2025-03-27

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.