GitLab Workhorse Security
GitLab Workhorse is a smart reverse proxy for GitLab positioned between NGINX and the Rails application[^c1]. It intercepts all HTTP traffic to and from Rails and handles resource-intensive operations such as file transfers, Git operations, and data streaming. All authentication and authorization decisions remain in the Rails application, and all requests to Rails pass through Workhorse[^c2]. A typical GitLab installation uses NGINX as a web server to proxy through Workhorse and into the Puma application server. Apache is technically usable only when installing from source and is not officially supported in Omnibus deployments.[^c8].
Workhorse relies on a shared-secret JWT mechanism for internal authentication with Rails and other components such as [[gitaly]] and [[gitlab-shell]]. Rate limiting protects the Rails backend from overload, and a multipart middleware with allowed-path validation and JWT-signed upload metadata secures file upload processing.
The proxy began as a weekend Go project called gitlab-git-http-server and evolved within roughly four months into a central traffic cop routing all HTTP requests[^c7]. It has been the subject of numerous security vulnerabilities spanning multiple classes: parser differentials between Workhorse and Rails's middleware stack, HTTP request smuggling through inconsistent interpretation of requests, architectural weaknesses such as upload processing code executing before authentication checks, path traversal enabling JWT token leakage, and file upload resource exhaustion leading to denial of service. The most critical vulnerability, CVE-2021-22205, allowed unauthenticated remote code execution through ExifTool and was widely exploited in the wild.
In 2026, four new CVEs were disclosed that directly affect Workhorse's own code: CVE-2025-9222 (stored XSS via Markdown placeholders, CVSS 8.7[^c4]), CVE-2026-0958 (DoS via JSON validation middleware bypass, CVSS 7.5[^c6]), CVE-2026-1182 (confidential issue title disclosure, CVSS 4.3), and CVE-2026-1458 (DoS via malicious file upload resource exhaustion[^c5]). An additional EE-only vulnerability, CVE-2026-1184 (DoS via deserialization in file upload), is a Rails-layer issue shipped in the same distribution package rather than Workhorse code. The June 24, 2026 patch release (versions 19.1.1, 19.0.3, 18.11.6) addressed 13 CVEs[^c9][^c10], none of which reference Workhorse directly, continuing a trend of Workhorse stability. The May 2026 security release (versions 18.11.3, 18.10.6, 18.9.7) fixed 25 CVEs, including CVE-2026-1184 (a deserialization DoS in GitLab EE, not Workhorse-specific code)[^c3].