GitLab has issued an important security update addressing a range of vulnerabilities affecting multiple versions of its platform. The update, which includes versions 17.6.2, 17.5.4, and 17.4.6 for Community Edition (CE) and Enterprise Edition (EE), tackles flaws that could lead to serious consequences, including account takeovers, denial of service attacks, and information disclosure.
One of the most severe vulnerabilities, CVE-2024-11274 (CVSS 8.7), is described by GitLab as an “injection of Network Error Logging (NEL) headers in kubernetes proxy response” that “could lead to session data exfiltration.” This high-severity flaw could enable attackers to steal user session data and potentially gain unauthorized access to accounts.
Another critical issue, CVE-2024-8233 (CVSS 7.5), enables attackers to launch denial of service attacks by “repeatedly sending unauthenticated requests for diff-files.” This vulnerability affects all GitLab versions from 9.4 onward up to the fixed releases, highlighting the urgency for users to update their installations.
The update also addresses several medium and low-severity vulnerabilities, including:
- CI_JOB_TOKEN Exploitation: Attackers could potentially use a stolen CI_JOB_TOKEN to gain access to a user's session.
- Open Redirects and Path Traversal: Vulnerabilities related to open redirects and path traversal could be exploited for phishing attacks and information leakage.
- Cross-Site Scripting (XSS) and HTML Injection: Flaws related to improper output encoding and to the vulnerability details page could lead to XSS attacks if Content Security Policy (CSP) is not enabled.
- Information Leaks: Unauthorized users could gain access to confidential information, such as branch names in private projects and incident details.
GitLab strongly urges all users to update their installations to the latest versions “as soon as possible” to mitigate these security risks. The company credits security researchers who reported these vulnerabilities through its HackerOne bug bounty program.
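Since the fix is a version bump, the first thing an operator wants is a quick check of whether an installed instance is already on one of the fixed releases named above (17.6.2, 17.5.4, 17.4.6). The following script is an added example written for this page, not GitLab's own tooling; it assumes the operator supplies the version string (for instance from the instance's `/api/v4/version` endpoint or `gitlab-rake gitlab:env:info`) and it treats releases newer than 17.6 as carrying the fixes forward, which is an assumption about later releases rather than something the advisory states.

```python
"""Check a GitLab CE/EE version string against the fixed releases in the
December 2024 advisory (17.6.2, 17.5.4, 17.4.6).

Added example for the article; it does not contact a GitLab instance.
Assumption: the version string is supplied by the operator, e.g. copied from
/api/v4/version or `gitlab-rake gitlab:env:info`.
"""

import re
from typing import Optional, Tuple

# Fixed patch level per release series, taken from the advisory.
FIXED_RELEASES = {(17, 6): 2, (17, 5): 4, (17, 4): 6}
NEWEST_FIXED = max(FIXED_RELEASES)  # (17, 6)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract (major, minor, patch) from strings such as '17.6.1', 'v17.5.3'
    or '17.4.2-ee'; edition suffixes are ignored."""
    match = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(part) for part in match.groups())
    return major, minor, patch


def is_patched(version: str) -> bool:
    """True when the version is at or above the fixed release for its series.

    Series older than 17.4 received no patch release in this advisory, so
    they are reported as unpatched.  Assumption: series newer than 17.6
    include the fixes (the advisory only lists 17.4 to 17.6)."""
    major, minor, patch = parse_version(version)
    series = (major, minor)
    if series in FIXED_RELEASES:
        return patch >= FIXED_RELEASES[series]
    return series > NEWEST_FIXED


def recommended_upgrade(version: str) -> Optional[str]:
    """Return the release to move to, or None when already patched.

    Within a fixed series the target is that series' patch release; for
    older series the newest fixed release is suggested.  GitLab's documented
    upgrade path may still require intermediate stops for large jumps."""
    if is_patched(version):
        return None
    major, minor, _ = parse_version(version)
    series = (major, minor)
    if series in FIXED_RELEASES:
        return f"{major}.{minor}.{FIXED_RELEASES[series]}"
    return f"{NEWEST_FIXED[0]}.{NEWEST_FIXED[1]}.{FIXED_RELEASES[NEWEST_FIXED]}"


if __name__ == "__main__":
    # Constructed sample inventory of instances; the hostnames are placeholders.
    inventory = {
        "gitlab-a.example.invalid": "17.6.1-ee",
        "gitlab-b.example.invalid": "17.5.4",
        "gitlab-c.example.invalid": "16.11.3",
    }
    for host, ver in inventory.items():
        target = recommended_upgrade(ver)
        status = "patched" if target is None else f"UPGRADE to {target}"
        print(f"{host:28} {ver:12} {status}")
```

Feed it the real version strings from your instances; anything reported as needing an upgrade should be scheduled immediately given the unauthenticated denial of service and the session exfiltration issue.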