GitLab
Security Scorecard
Score: 95C
Total CVEs: 33
Patch Rate: 94% (31 patched)
Avg Response: 40d (days to patch)
Critical Gaps: 0 (exploitable, no detection)
Severity Breakdown
Critical: 0
High: 16
Medium: 17
Low: 0
Patch Status
Patched: 31 (94%)
Partial/Workaround: 0 (0%)
Unpatched: 2 (6%)
CVEs (34)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12716 | GitLab CE/EE Cross-Site Scripting Vulnerability | High | 8.7 | - | Patched |
| CVE-2025-12029 | GitLab Swagger UI Bypass | High | 8.0 | 16d | Unpatched |
| CVE-2025-8405 | GitLab Security Patch Release | High | 7.7 | - | Patched |
| CVE-2025-12562 | GitLab Denial of Service Vulnerability | High | 7.5 | - | Patched |
| CVE-2025-11984 | GitLab WebAuthn Bypass | Medium | 6.8 | - | Patched |
| CVE-2025-14157 | GitLab Denial of Service Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-4097 | GitLab Denial of Service Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-13978 | GitLab CE/EE Privilege Escalation | Medium | 4.3 | 22d | Unpatched |
| CVE-2025-11247 | GitLab GraphQL Query Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2024-9183 | GitLab CE/EE Authentication Bypass | High | 7.7 | - | Patched |