Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GitLab:GitLabGitLab CE/EEGitLab Community and Enterprise EditionsGitLab EEGitLab Runnergitlab-vscode-extensionDASTGitLab Community Edition and GitLab Enterprise EditionGitalyGitLab PagesDAST API scannerGitLab DAST API scannerGitLab VSCode ForkGitLab Language ServerGitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2024-2743 Incorrect Authorization in GitLab — GitLabCWE-863 5.3 Medium2024-09-12
CVE-2024-4612 URL Redirection to Untrusted Site ('Open Redirect') in GitLab — GitLabCWE-601 6.4 Medium2024-09-12
CVE-2024-4660 Missing Authorization in GitLab — GitLabCWE-862 6.5 Medium2024-09-12
CVE-2024-5435 Generation of Error Message Containing Sensitive Information in GitLab — GitLabCWE-209 4.5 Medium2024-09-12
CVE-2024-6446 Business Logic Errors in GitLab — GitLabCWE-840 3.5 Low2024-09-12
CVE-2024-6389 Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLabCWE-497 4.3 Medium2024-09-12
CVE-2024-8124 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 7.5 High2024-09-12
CVE-2024-8640 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab — GitLabCWE-77 8.5 High2024-09-12
CVE-2024-3127 Improper Access Control in GitLab — GitLabCWE-284 4.3 Medium2024-08-22
CVE-2024-6502 Incorrect Provision of Specified Functionality in GitLab — GitLabCWE-684 5.7 Medium2024-08-22
CVE-2024-7110 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab — GitLabCWE-77 6.4 Medium2024-08-22
CVE-2024-8041 Uncontrolled Resource Consumption in GitLab — GitLabCWE-400 6.5 Medium2024-08-22
CVE-2024-2800 Uncontrolled Resource Consumption in GitLab — GitLabCWE-1333 6.5 Medium2024-08-08
CVE-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab — GitLabCWE-639 6.8 Medium2024-08-08
CVE-2024-3114 Uncontrolled Resource Consumption in GitLab — GitLabCWE-1333 4.3 Medium2024-08-08
CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab — GitLabCWE-94 5.3 Medium2024-08-08
CVE-2024-4207 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 4.4 Medium2024-08-08
CVE-2024-5423 Uncontrolled Resource Consumption in GitLab — GitLabCWE-400 6.5 Medium2024-08-08
CVE-2024-7554 Exposure of Sensitive Information to an Unauthorized Actor in GitLab — GitLabCWE-200 4.9 Medium2024-08-08
CVE-2024-7610 Uncontrolled Resource Consumption in GitLab — GitLabCWE-400 4.3 Medium2024-08-08
CVE-2024-4210 Uncontrolled Resource Consumption in GitLab — GitLabCWE-400 6.5 Medium2024-08-08
CVE-2024-4784 Authentication Bypass by Primary Weakness in GitLab — GitLabCWE-305 4.2 Medium2024-08-08
CVE-2024-6329 Improper Encoding or Escaping of Output in GitLab — GitLabCWE-116 5.7 Medium2024-08-08
CVE-2024-7057 Improper Access Control in GitLab — GitLabCWE-284 4.3 Medium2024-07-25
CVE-2024-7047 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 7.7 High2024-07-25
CVE-2024-0231 Improper Control of Resource Identifiers ('Resource Injection') in GitLab — GitLabCWE-99 2.7 Low2024-07-24
CVE-2024-5067 Exposure of Sensitive Information to an Unauthorized Actor in GitLab — GitLabCWE-200 4.4 Medium2024-07-24
CVE-2024-7060 Exposure of Sensitive Information to an Unauthorized Actor in GitLab — GitLabCWE-200 2.6 Low2024-07-24
CVE-2024-7091 Exposure of Sensitive Information to an Unauthorized Actor in GitLab — GitLabCWE-200 4.1 Medium2024-07-24
CVE-2024-6595 Uncontrolled Search Path Element in GitLab — GitLabCWE-451 3.0 Low2024-07-17

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.