Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GitLab operates as a comprehensive DevOps platform, providing version control, continuous integration, and deployment capabilities primarily for software development teams. With over one thousand recorded CVEs, the software has historically been susceptible to critical vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation attacks. These flaws often stem from complex integrations and API endpoints, allowing attackers to bypass authentication or execute arbitrary commands on affected servers. Notable incidents have included unauthorized access to private repositories and data exfiltration due to improper access controls. The high volume of vulnerabilities reflects the platform’s extensive feature set and frequent updates, necessitating rigorous patch management. Security assessments consistently highlight the importance of configuring secure defaults and monitoring for known exploit patterns to mitigate risks associated with its broad attack surface.

Top products by GitLab: GitLab GitLab CE/EE GitLab Community and Enterprise Editions GitLab EE GitLab Runner gitlab-vscode-extension DAST GitLab Community Edition and GitLab Enterprise Edition Gitaly GitLab Pages DAST API scanner GitLab DAST API scanner GitLab VSCode Fork GitLab Language Server GitLab AI Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2022-1428 GitLab 输入验证错误漏洞 — GitLab 4.3 Medium2022-05-11
CVE-2022-1426 GitLab 授权问题漏洞 — GitLab 2.0 Low2022-05-11
CVE-2022-1352 GitLab 信息泄露漏洞 — GitLab 5.3 Medium2022-05-11
CVE-2022-1433 GitLab 跨站脚本漏洞 — GitLab 2.6 Low2022-05-11
CVE-2022-1545 GitLab CE/EE 安全漏洞 — GitLab 4.3 Medium2022-05-11
CVE-2022-1417 GitLab 访问控制错误漏洞 — GitLab 4.3 Medium2022-05-10
CVE-2022-1431 GitLab 输入验证错误漏洞 — GitLab 4.3 Medium2022-05-10
CVE-2022-0477 GitLab Enterprise Edition和GitLab Community Edition 输入验证错误漏洞 — GitLab 4.9 Medium2022-04-25
CVE-2022-1157 GitLab Community Edition 和 Enterprise Edition 日志信息泄露漏洞 — GitLab 2.6 Low2022-04-11
CVE-2022-1193 GitLab 访问控制错误漏洞 — GitLab 4.3 Medium2022-04-11
CVE-2022-1175 GitLab Enterprise Edition 跨站脚本漏洞 — GitLab 8.7 High2022-04-04
CVE-2022-1190 GitLab 跨站脚本漏洞 — GitLab 8.7 High2022-04-04
CVE-2022-1162 GitLab Community Edition和GitLab Enterprise Edition 信任管理问题漏洞 — GitLab 9.1 Critical2022-04-04
CVE-2022-1148 GitLab Community Edition和GitLab Enterprise Edition 授权问题漏洞 — GitLab 5.3 Medium2022-04-04
CVE-2022-1121 GitLab 输入验证错误漏洞 — GitLab Pages 5.3 Medium2022-04-04
CVE-2022-1111 GitLab Community Edition和GitLab Enterprise Edition安全漏洞 — GitLab 2.4 Low2022-04-04
CVE-2022-1185 GitLab 缓冲区错误漏洞 — GitLab 6.5 Medium2022-04-04
CVE-2022-1120 GitLab Community Edition和GitLab Enterprise Edition 信息泄露漏洞 — GitLab 4.8 Medium2022-04-04
CVE-2022-1174 GitLab Community Edition和GitLab Enterprise Edition 资源管理错误漏洞 — GitLab 4.3 Medium2022-04-04
CVE-2022-1188 GitLab Enterprise Edition和GitLab Community Edition 代码问题漏洞 — GitLab 3.7 Low2022-04-04
CVE-2022-1105 GitLab Community Edition和GitLab Enterprise Edition 安全漏洞 — GitLab 4.3 Medium2022-04-04
CVE-2022-1099 GitLab Community Edition和GitLab Enterprise Edition 资源管理错误漏洞 — GitLab 4.3 Medium2022-04-04
CVE-2022-1100 GitLab Community Edition和GitLab Enterprise Edition输入验证错误漏洞 — GitLab 4.3 Medium2022-04-04
CVE-2022-1189 GitLab Enterprise Edition和GitLab Community Edition 信息泄露漏洞 — GitLab 3.1 Low2022-04-04
CVE-2022-0740 GitLab Community Edition (CE) and Enterprise Edition (EE) 授权问题漏洞 — GitLab 3.1 Low2022-04-04
CVE-2022-0741 GitLab Enterprise Edition 输入验证错误漏洞 — GitLab 5.8 Medium2022-04-01
CVE-2022-0425 GitLab Enterprise Edition 代码问题漏洞 — GitLab 5.4 Medium2022-04-01
CVE-2021-39908 GitLab 代码注入漏洞 — GitLab 6.5 Medium2022-04-01
CVE-2022-0373 GitLab Enterprise Edition 安全漏洞 — GitLab 4.3 Medium2022-04-01
CVE-2022-0390 GitLab Enterprise Edition 访问控制错误漏洞 — GitLab 4.3 Medium2022-04-01

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.