目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

GitLab 厂商漏洞列表 / CVE 中文分析 1012

GitLab 厂商相关 1012 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

GitLab 提供基于 Web 的 DevOps 平台,核心用于代码托管、CI/CD 及项目管理。其历史漏洞多涉及远程代码执行、越权访问及跨站脚本攻击,累计收录 CVE 达 1012 条。平台内置安全扫描功能,支持 SAST 与 DAST 集成,助力开发者在流水线中识别风险。尽管存在安全挑战,其持续更新的补丁机制与透明披露政策,使其成为企业构建安全软件供应链的重要基础设施。

上位製品 GitLab: GitLab GitLab CE/EE GitLab Community and Enterprise Editions GitLab EE GitLab Runner gitlab-vscode-extension DAST GitLab Community Edition and GitLab Enterprise Edition Gitaly GitLab Pages DAST API scanner GitLab DAST API scanner GitLab VSCode Fork GitLab Language Server GitLab AI Gateway
CVE IDタイトルCVSS深刻度公開日
CVE-2023-3915 Incorrect Execution-Assigned Permissions in GitLab — GitLabCWE-279 6.5 Medium2023-09-01
CVE-2023-4522 Improper Validation of Specified Type of Input in GitLab — GitLabCWE-1287 4.3 Medium2023-08-30
CVE-2023-4002 Insertion of Sensitive Information Into Sent Data in GitLab — GitLabCWE-201 5.3 Medium2023-08-04
CVE-2023-4008 Incorrect Ownership Assignment in GitLab — GitLabCWE-708 5.3 Medium2023-08-03
CVE-2023-3932 Incorrect User Management in GitLab — GitLabCWE-286 5.3 High2023-08-03
CVE-2023-2022 Missing Authorization in GitLab — GitLabCWE-262 4.3 Medium2023-08-02
CVE-2023-3401 Improper Control of Generation of Code ('Code Injection') in GitLab — GitLabCWE-94 4.8 Medium2023-08-02
CVE-2023-4011 Allocation of Resources Without Limits or Throttling in GitLab — GitLabCWE-770 4.3 Medium2023-08-02
CVE-2023-3500 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 4.8 Medium2023-08-02
CVE-2023-3900 Improper Validation of Specified Type of Input in GitLab — GitLabCWE-1287 4.3 Medium2023-08-02
CVE-2023-3993 Insertion of Sensitive Information into Log File in GitLab — GitLabCWE-532 4.9 Medium2023-08-02
CVE-2023-3994 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 7.5 High2023-08-02
CVE-2023-0632 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 6.5 Medium2023-08-01
CVE-2023-1210 Generation of Error Message Containing Sensitive Information in GitLab — GitLabCWE-209 3.1 Low2023-08-01
CVE-2023-2164 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab — GitLabCWE-79 5.4 Medium2023-08-01
CVE-2023-3364 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 7.5 High2023-08-01
CVE-2023-3385 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab — GitLabCWE-22 6.3 Medium2023-08-01
CVE-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab — GitLabCWE-201 5.0 Medium2023-07-26
CVE-2023-3102 Insertion of Sensitive Information Into Sent Data in GitLab — GitLabCWE-201 5.3 Medium2023-07-21
CVE-2023-3484 Incorrect Authorization in GitLab — GitLabCWE-863 8.0 High2023-07-21
CVE-2023-2620 Insertion of Sensitive Information Into Sent Data in GitLab — GitLabCWE-201 5.5 Medium2023-07-13
CVE-2023-2576 Incorrect Authorization in GitLab — GitLabCWE-863 4.3 Medium2023-07-13
CVE-2023-3362 Generation of Error Message Containing Sensitive Information in GitLab — GitLabCWE-209 5.3 Medium2023-07-13
CVE-2023-3363 Insertion of Sensitive Information into Log File in GitLab — GitLabCWE-532 3.9 Low2023-07-13
CVE-2023-3444 Incorrect Authorization in GitLab — GitLabCWE-863 5.7 Medium2023-07-13
CVE-2023-3424 Inefficient Regular Expression Complexity in GitLab — GitLabCWE-1333 7.5 High2023-07-13
CVE-2023-2200 Improper Encoding or Escaping of Output in GitLab — GitLabCWE-116 4.1 Medium2023-07-13
CVE-2023-2190 Authorization Bypass Through User-Controlled Key in GitLab — GitLabCWE-639 6.5 Medium2023-07-13
CVE-2023-1936 Exposure of Private Personal Information to an Unauthorized Actor in GitLab — GitLabCWE-359 3.5 Low2023-07-11
CVE-2023-2232 GitLab 安全漏洞 — GitLab 6.5 Medium2023-06-28

本页汇总了 GitLab 厂商截至目前公开的全部 1012 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。