5 critical bugs: GitLab loses control over security

Launching pipelines now comes with unexpected risks.

GitLab has released security updates for the Community Edition (CE) and Enterprise Edition (EE) versions, which fix eight vulnerabilities, including a critical bug that could allow CI/CD pipelines to run on arbitrary branches.

One of the vulnerabilities, registered as CVE-2024-9164, received a rating close to the highest — 9.6 out of 10 on the CVSS scale. GitLab's official notice states that the vulnerability affects EE versions 12.5 to 17.2.9, 17.3 to 17.3.5, and 17.4 to 17.4.2. The bug allows an attacker to run pipelines on unauthorized repository branches.
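A quick way to triage an installation against the ranges quoted above is a small version check. This is an added example, not code from GitLab or from the original post; it assumes the upper bound of each range is the patched release (so a version equal to it is treated as fixed) and that the version string comes from the instance (for example `17.3.4-ee`).

```python
# Added example: does an installed GitLab EE version fall inside the
# CVE-2024-9164 ranges quoted in the post (12.5-17.2.9, 17.3-17.3.5, 17.4-17.4.2)?
# Assumption (not stated on the page): the upper bound of each range is the
# patched release, so each range is treated as half-open [start, fixed).
from __future__ import annotations

# (start, fixed) pairs taken from the advisory ranges quoted above.
AFFECTED_RANGES_CVE_2024_9164 = [
    ((12, 5, 0), (17, 2, 9)),
    ((17, 3, 0), (17, 3, 5)),
    ((17, 4, 0), (17, 4, 2)),
]


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn '17.3.4', '17.3.4-ee' or 'v17.3' into a (major, minor, patch) tuple."""
    core = text.strip().lstrip("v").split("-")[0]   # drop edition suffix like -ee
    parts = core.split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))  # pad '17.3' -> 17.3.0
    return nums[0], nums[1], nums[2]


def is_affected(version: str, ranges=AFFECTED_RANGES_CVE_2024_9164) -> bool:
    """True if the version is >= the start and < the fixed release of any range."""
    v = parse_version(version)
    return any(start <= v < fixed for start, fixed in ranges)


def minimum_fixed_release(version: str, ranges=AFFECTED_RANGES_CVE_2024_9164) -> str | None:
    """For an affected version, the earliest patched release on its own branch; else None."""
    v = parse_version(version)
    for start, fixed in ranges:
        if start <= v < fixed:
            return ".".join(str(n) for n in fixed)
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not real instance data.
    for sample in ["17.3.4-ee", "17.4.2", "16.11.0", "17.3.5"]:
        target = minimum_fixed_release(sample)
        status = f"affected, upgrade to {target}" if target else "not affected"
        print(f"{sample}: {status}")
```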

The seven remaining vulnerabilities include four high-severity issues, two medium-severity issues, and one low-severity issue. A closer look at the highest-rated of them:
  • CVE-2024-8970 (CVSS score: 8.2) - allows an attacker to launch pipelines on behalf of another user under certain conditions.
  • CVE-2024-8977 (CVSS score: 8.2) - allows SSRF attacks when the Product Analytics Dashboard is enabled.
  • CVE-2024-9631 (CVSS score: 7.5) - causes a slowdown when viewing conflicts in merge requests.
  • CVE-2024-6530 (CVSS score: 7.3) - HTML injection on the OAuth authorization page of a new application due to a cross-site scripting vulnerability.

The remaining three vulnerabilities allow deployment keys to modify archived repositories (CVE-2024-9623), allow guests to disclose project templates via API (CVE-2024-5005), and allow unauthorized users to determine the version of GitLab (CVE-2024-9596).

These updates continue a series of patches for pipeline-related vulnerabilities that GitLab has been disclosing in recent months. For example, in September, the company fixed another critical vulnerability (CVE-2024-6678, CVSS score: 9.9) that allowed pipeline jobs to be run as an arbitrary user.

Previously, three similar vulnerabilities were fixed — CVE-2023-5009, CVE-2024-5655, and CVE-2024-6385 — each with a CVSS score of 9.6.

At the moment there is no information about active exploitation of the recently patched vulnerabilities, but users are strongly advised to update their GitLab installations to protect against possible threats.
