Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GitLab operates as a comprehensive DevOps platform, providing version control, continuous integration, and deployment capabilities primarily for software development teams. With over one thousand recorded CVEs, the software has historically been susceptible to critical vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation attacks. These flaws often stem from complex integrations and API endpoints, allowing attackers to bypass authentication or execute arbitrary commands on affected servers. Notable incidents have included unauthorized access to private repositories and data exfiltration due to improper access controls. The high volume of vulnerabilities reflects the platform’s extensive feature set and frequent updates, necessitating rigorous patch management. Security assessments consistently highlight the importance of configuring secure defaults and monitoring for known exploit patterns to mitigate risks associated with its broad attack surface.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-13298 | GitLab 输入验证错误漏洞 — GitLab | 7.2 | High | 2020-09-14 |
| CVE-2020-13305 | GitLab 代码问题漏洞 — GitLab | 3.5 | Low | 2020-09-14 |
| CVE-2020-13309 | GitLab 代码问题漏洞 — GitLab | 5.4 | Medium | 2020-09-14 |
| CVE-2020-13310 | GitLab runner 安全漏洞 — GitLab | 6.5 | Medium | 2020-09-14 |
| CVE-2020-13315 | GitLab 安全漏洞 — GitLab | 3.7 | Low | 2020-09-14 |
| CVE-2020-13306 | GitLab 拒绝服务漏洞 — GitLab | 3.7 | Low | 2020-09-14 |
| CVE-2020-13301 | GitLab 跨站脚本漏洞 — GitLab | 5.5 | Medium | 2020-09-14 |
| CVE-2020-13302 | GitLab 代码问题漏洞 — GitLab | 3.8 | Low | 2020-09-14 |
| CVE-2020-13297 | GitLab 授权问题漏洞 — GitLab | 3.8 | Low | 2020-09-14 |
| CVE-2020-13304 | GitLab 授权问题漏洞 — GitLab | 3.8 | Low | 2020-09-14 |
| CVE-2020-13314 | GitLab Omniauth 安全漏洞 — GitLab | 3.7 | Low | 2020-09-14 |
| CVE-2020-13311 | GitLab 注入漏洞 — GitLab | 4.3 | Medium | 2020-09-14 |
| CVE-2020-13312 | GitLab 安全漏洞 — GitLab | 6.5 | Medium | 2020-09-14 |
| CVE-2020-13313 | GitLab 授权问题漏洞 — GitLab | 4.3 | Medium | 2020-09-14 |
| CVE-2020-13317 | GitLab GraphQL API 输入验证错误漏洞 — GitLab | 6.5 | Medium | 2020-09-14 |
| CVE-2020-13318 | GitLab EKS integration 安全漏洞 — GitLab | 6.4 | Medium | 2020-09-14 |
| CVE-2020-13284 | GitLab 访问控制错误漏洞 — GitLab | 6.5 | Medium | 2020-09-14 |
| CVE-2020-13289 | GitLab 暴力攻击漏洞 — GitLab | 5.4 | Medium | 2020-09-14 |
| CVE-2020-13287 | GitLab 配置错误漏洞 — GitLab | 4.3 | Medium | 2020-09-14 |
| CVE-2020-13316 | GitLab 权限验证不足漏洞 — GitLab | 5.4 | Medium | 2020-09-14 |
| CVE-2020-13299 | GitLab 代码问题漏洞 — GitLab | 8.1 | High | 2020-09-14 |
| CVE-2020-13300 | GitLab 安全漏洞 — GitLab | 8.0 | High | 2020-09-14 |
| CVE-2020-13286 | GitLab 代码问题漏洞 — GitLab | 6.4 | Medium | 2020-08-13 |
| CVE-2020-13281 | GitLab 输入验证错误漏洞 — GitLab | 6.5 | Medium | 2020-08-13 |
| CVE-2020-13280 | GitLab 资源管理错误漏洞 — GitLab | 6.5 | Medium | 2020-08-13 |
| CVE-2020-13285 | GitLab 跨站脚本漏洞 — GitLab | 7.3 | High | 2020-08-13 |
| CVE-2020-13283 | GitLab 跨站脚本漏洞 — GitLab | 7.3 | High | 2020-08-13 |
| CVE-2020-13282 | GitLab 访问控制错误漏洞 — GitLab | 3.1 | Low | 2020-08-13 |
| CVE-2020-13290 | GitLab 授权问题漏洞 — GitLab | 7.5 | High | 2020-08-12 |
| CVE-2020-13291 | GitLab 访问控制错误漏洞 — GitLab | 8.1 | High | 2020-08-12 |
This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.