GitLab races out vulnerability-fix release

Remote code execution, plus 15 other bugs.

GitLab last week issued an emergency patch covering 16 vulnerabilities, one of them rated critical and three rated high severity.

To fix the vulnerabilities, the organisation issued an out-of-cycle release of versions 15.1.1, 15.0.4 and 14.10.5 for GitLab Community Edition (CE) and Enterprise Edition (EE), saying it “strongly recommends that all GitLab installations be upgraded to one of these versions immediately”.

The critical vulnerability, carrying a Common Vulnerability Scoring System (CVSS) score of 9.8, is CVE-2022-2185, discovered by HackerOne member “vakzz”.

The advisory states that “an authorised user could import a maliciously crafted project leading to remote code execution”.

GitLab classifies it as a command injection bug, arising from improper neutralisation of special elements in a command built from imported project data.

The three high-rated bugs are:

  • CVE-2022-2235 – a sanitisation issue in GitLab EE’s external issue tracker integration, allowing an attacker to perform cross-site scripting via a malicious ZenTao link;
  • CVE-2022-2230 – a stored cross-site scripting vulnerability in the project settings page of GitLab CE/EE, allowing an attacker to execute arbitrary JavaScript on a victim’s behalf; and
  • CVE-2022-2229 – an authorisation bug in both the community and enterprise editions that allows an attacker to extract unprotected variable values from projects.

GitLab.com is already running the patched version.
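Self-managed instances are the ones that need checking. The script below is an added example, not code from iTnews or GitLab: it parses the version string a GitLab instance returns from its `GET /api/v4/version` endpoint (which requires an authenticated user, so a personal access token with `read_api` scope is assumed) and decides whether the instance is on or above the fixed release for its line (14.10.5, 15.0.4 or 15.1.1). Lines newer than 15.1 shipped after the fix; lines older than 14.10 received no backport, and nightly “-pre” builds are flagged as unverified rather than trusted. The sample responses at the bottom are constructed, not captured from a real instance.

```python
import json
import re
import urllib.request

# Minimum fixed version per supported release line, from the advisory above.
FIXED_VERSIONS = {
    (14, 10): (14, 10, 5),
    (15, 0): (15, 0, 4),
    (15, 1): (15, 1, 1),
}
NEWEST_FIXED_LINE = (15, 1)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(.+))?$")


def parse_version(version: str):
    """Split a GitLab version string such as '15.1.1-ee' into ((15, 1, 1), 'ee')."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {version!r}")
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor), int(patch)), (suffix or "")


def is_patched(version: str) -> bool:
    """True if this version includes the fixes shipped in 15.1.1 / 15.0.4 / 14.10.5."""
    (major, minor, patch), suffix = parse_version(version)
    if "pre" in suffix:
        # Nightly or pre-release builds cannot be mapped to a fixed tag; treat as unverified.
        return False
    line = (major, minor)
    if line in FIXED_VERSIONS:
        return (major, minor, patch) >= FIXED_VERSIONS[line]
    # Every line newer than 15.1 was released after the fix; older lines got no backport.
    return line > NEWEST_FIXED_LINE


def check_version_response(body: str) -> dict:
    """Evaluate the JSON body returned by GET /api/v4/version."""
    data = json.loads(body)
    version = data["version"]
    return {"version": version, "patched": is_patched(version)}


def fetch_version(base_url: str, token: str) -> dict:
    """Query a self-managed instance (assumed inputs: instance URL and a personal
    access token with read_api scope; the endpoint requires authentication)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return check_version_response(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Constructed sample responses, not captured from any real instance.
    samples = [
        '{"version":"15.1.0-ee","revision":"0000000"}',
        '{"version":"15.1.1-ee","revision":"0000000"}',
        '{"version":"14.10.4","revision":"0000000"}',
        '{"version":"15.2.0-pre","revision":"0000000"}',
    ]
    for body in samples:
        result = check_version_response(body)
        status = "patched" if result["patched"] else "UPGRADE REQUIRED"
        print(f"{result['version']:<14} {status}")
```

To run it against a real instance, call `fetch_version("https://gitlab.example.internal", token)` with a token for that instance; the comparison deliberately errs on the side of reporting “upgrade required” for anything it cannot match to a released tag.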
