- How many CVEs does GitLab have?
- GitLab has 1,424 published CVE records since 2014, including 318 in the last two years.
- How many GitLab CVEs are in CISA KEV?
- Yes — 4 of GitLab's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which GitLab products have the most CVEs?
- The GitLab products with the most published CVEs are GitLab, GitLab EE, GitLab CE, Gitlab CE/EE, GitLab Community and Enterprise Editions.
- What are the most common weakness types in GitLab CVEs?
- GitLab's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-863 (Incorrect Authorization), CWE-862 (Missing Authorization).
- Are there public exploits for GitLab vulnerabilities?
- Yes — 563 of GitLab's CVEs have a known public exploit.
- How many critical GitLab vulnerabilities are there?
- GitLab has 75 critical and 409 high-severity CVEs.
- What is the average severity of GitLab CVEs?
- The average CVSS base score across GitLab's scored CVEs is 6.3.