GitLab on Thursday announced a fresh round of critical security updates that address eight vulnerabilities across Community Edition (CE) and Enterprise Edition (EE) releases, including two pipeline execution flaws.
The most severe of the bugs is CVE-2024-9164 (CVSS score of 9.6), a critical defect in GitLab EE that could allow an attacker to run pipelines on arbitrary branches.
The second issue, tracked as CVE-2024-8970 (CVSS score of 8.2), affects GitLab CE/EE installations, and could allow an attacker to run pipelines as another user, under certain circumstances.
The critical-severity vulnerability affects GitLab EE versions 12.5 to 17.2.8, 17.3 to 17.3.4, and 17.4 to 17.4.1, while the high-severity bug impacts GitLab CE/EE versions 11.6 to 17.2.8, 17.3 to 17.3.4, and 17.4 to 17.4.1.
On Thursday, GitLab also fixed a high-severity server-side request forgery (SSRF) flaw in GitLab EE instances with Product Analytics Dashboard configured and enabled, and a cross-site scripting (XSS) bug in GitLab where a new application “can be made to render as HTML under specific circumstances” when authorizing it.
Another high-severity security defect impacting GitLab CE/EE instances would lead to issues in viewing diffs of merge requests with conflicts.
GitLab also resolved two medium-severity vulnerabilities that could allow deploy keys to push to an archived repository, and guest users to disclose project templates using the API, and a low-severity bug that could allow an unauthenticated attacker to determine a GitLab instance’s version number.
Most of these vulnerabilities were reported through GitLab’s HackerOne bug bounty program. GitLab CE/EE versions 17.4.2, 17.3.5, and 17.2.9 contain patches for them.
GitLab makes no mention of any of these security defects being exploited in the wild, but users are advised to update their self-managed GitLab installations to the latest releases as soon as possible.
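To turn the version ranges listed above into a quick self-check, the following is an added example (not part of the article or of GitLab's own tooling) that maps a self-managed instance's version string and edition to the two pipeline CVEs it is exposed to and the first patched release in its line; it assumes version strings of the form `17.3.4` or `17.3.4-ee`.

```python
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

def parse_version(text: str) -> Version:
    """Parse '17.3', '17.3.4' or '17.3.4-ee' into a 3-tuple, padding missing parts with 0."""
    core = text.strip().split("-")[0]          # drop an edition suffix such as '-ee'
    parts = [int(p) for p in core.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return parts[0], parts[1], parts[2]

# (first affected, last affected, first fixed) per release line, as given in the article.
RANGES_9164 = [("12.5", "17.2.8", "17.2.9"), ("17.3", "17.3.4", "17.3.5"), ("17.4", "17.4.1", "17.4.2")]
RANGES_8970 = [("11.6", "17.2.8", "17.2.9"), ("17.3", "17.3.4", "17.3.5"), ("17.4", "17.4.1", "17.4.2")]

# (CVE, editions affected, ranges): CVE-2024-9164 is EE-only, CVE-2024-8970 hits CE and EE.
ADVISORIES = [
    ("CVE-2024-9164", {"EE"}, RANGES_9164),
    ("CVE-2024-8970", {"CE", "EE"}, RANGES_8970),
]

def fixed_release(version: str, ranges: List[Tuple[str, str, str]]) -> Optional[str]:
    """Return the first fixed release for the line containing `version`, or None if unaffected."""
    v = parse_version(version)
    for first, last, fixed in ranges:
        if parse_version(first) <= v <= parse_version(last):
            return fixed
    return None

def assess(version: str, edition: str) -> Dict[str, str]:
    """Map each CVE this version/edition is exposed to onto the release that patches it."""
    exposure: Dict[str, str] = {}
    for cve, editions, ranges in ADVISORIES:
        if edition.upper() not in editions:
            continue
        fixed = fixed_release(version, ranges)
        if fixed is not None:
            exposure[cve] = fixed
    return exposure

if __name__ == "__main__":
    # Constructed sample inputs, not data from a real instance.
    for ver, ed in [("17.4.1-ee", "EE"), ("17.4.1", "CE"), ("12.0", "EE"), ("17.3.5", "EE")]:
        print(ver, ed, assess(ver, ed) or "not affected by the two pipeline CVEs")
```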