GitLab — Vulnerabilities & Security Advisories 1012

Browse all 1012 CVE security advisories affecting GitLab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GitLab operates as a comprehensive DevOps platform, providing version control, continuous integration, and deployment capabilities primarily for software development teams. With over one thousand recorded CVEs, the software has historically been susceptible to critical vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation attacks. These flaws often stem from complex integrations and API endpoints, allowing attackers to bypass authentication or execute arbitrary commands on affected servers. Notable incidents have included unauthorized access to private repositories and data exfiltration due to improper access controls. The high volume of vulnerabilities reflects the platform’s extensive feature set and frequent updates, necessitating rigorous patch management. Security assessments consistently highlight the importance of configuring secure defaults and monitoring for known exploit patterns to mitigate risks associated with its broad attack surface.

Top products by GitLab: GitLab GitLab CE/EE GitLab Community and Enterprise Editions GitLab EE GitLab Runner gitlab-vscode-extension DAST GitLab Community Edition and GitLab Enterprise Edition Gitaly GitLab Pages DAST API scanner GitLab DAST API scanner GitLab VSCode Fork GitLab Language Server GitLab AI Gateway

CVE ID	Title	CVSS	Severity	Published
CVE-2022-2227	GitLab 访问控制错误漏洞 — GitLab	3.1	Low	2022-07-01
CVE-2022-2243	GitLab 访问控制错误漏洞 — GitLab	5.0	Medium	2022-07-01
CVE-2022-2235	GitLab EE 跨站脚本漏洞 — GitLab	8.7	High	2022-07-01
CVE-2022-2185	GitLab 操作系统命令注入漏洞 — GitLab	9.9	Critical	2022-07-01
CVE-2022-2281	GitLab 授权问题漏洞 — GitLab	2.6	Low	2022-07-01
CVE-2022-2244	GitLab 安全漏洞 — GitLab	4.3	Medium	2022-07-01
CVE-2022-2250	GitLab 输入验证错误漏洞 — GitLab	4.7	Medium	2022-07-01
CVE-2022-1680	GitLab 访问控制错误漏洞 — GitLab	9.9	Critical	2022-06-06
CVE-2022-1783	GitLab Enterprise Edition和GitLab Community Edition 安全漏洞 — GitLab	2.7	Low	2022-06-06
CVE-2022-1944	GitLab 授权问题漏洞 — GitLab	5.4	Medium	2022-06-06
CVE-2022-1821	GitLab Community Edition和GitLab Enterprise Edition 资源管理错误漏洞 — GitLab	4.3	Medium	2022-06-06
CVE-2022-1936	GitLab 授权问题漏洞 — GitLab	6.5	Medium	2022-06-06
CVE-2022-1940	GitLab 跨站脚本漏洞 — GitLab	7.7	High	2022-06-06
CVE-2022-1935	GitLab 授权问题漏洞 — GitLab	6.5	Medium	2022-06-06
CVE-2022-1423	GitLab 访问控制错误漏洞 — GitLab	7.1	High	2022-05-19
CVE-2022-1413	GitLab 信息泄露漏洞 — GitLab	5.4	Medium	2022-05-19
CVE-2022-1416	GitLab和Pip 跨站脚本漏洞 — GitLab	4.3	Medium	2022-05-19
CVE-2022-1124	GitLab 授权问题漏洞 — GitLab	4.3	Medium	2022-05-11
CVE-2022-1510	GitLab 资源管理错误漏洞 — GitLab	6.5	Medium	2022-05-11
CVE-2022-1460	GitLab 授权问题漏洞 — GitLab	6.1	Medium	2022-05-11
CVE-2022-1406	GitLab 输入验证错误漏洞 — GitLab	6.5	Medium	2022-05-11
CVE-2022-1428	GitLab 输入验证错误漏洞 — GitLab	4.3	Medium	2022-05-11
CVE-2022-1426	GitLab 授权问题漏洞 — GitLab	2.0	Low	2022-05-11
CVE-2022-1352	GitLab 信息泄露漏洞 — GitLab	5.3	Medium	2022-05-11
CVE-2022-1433	GitLab 跨站脚本漏洞 — GitLab	2.6	Low	2022-05-11
CVE-2022-1545	GitLab CE/EE 安全漏洞 — GitLab	4.3	Medium	2022-05-11
CVE-2022-1417	GitLab 访问控制错误漏洞 — GitLab	4.3	Medium	2022-05-10
CVE-2022-1431	GitLab 输入验证错误漏洞 — GitLab	4.3	Medium	2022-05-10
CVE-2022-0477	GitLab Enterprise Edition和GitLab Community Edition 输入验证错误漏洞 — GitLab	4.9	Medium	2022-04-25
CVE-2022-1157	GitLab Community Edition 和 Enterprise Edition 日志信息泄露漏洞 — GitLab	2.6	Low	2022-04-11

This page lists every published CVE security advisory associated with GitLab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

GitLab — Vulnerabilities & Security Advisories 1012