
Rewterz Threat Advisory – Multiple GitLab Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-3759 (CVSS 4.3)

GitLab CE/EE is vulnerable to a denial of service, caused by a flaw in a Sidekiq background job. By uploading malicious CI job artifact zips, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-3411 (CVSS 6.5)

GitLab CE/EE is vulnerable to a denial of service, caused by a lack of length validation. By creating a large Issue description via GraphQL, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-4138 (CVSS 6.4)

GitLab CE/EE is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to take over a repository. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-0518 (CVSS 4.3)

GitLab CE/EE is vulnerable to a denial of service, caused by a flaw in a Sidekiq background job. By uploading a malicious Helm chart, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2022-4255 (CVSS 4.3)

GitLab could allow a remote attacker to obtain sensitive information, caused by an unspecified flaw. By using a specially-crafted webhook payload, an attacker could exploit this vulnerability to obtain a user's email ID.

CVE-2022-4335 (CVSS 4.3)

GitLab is vulnerable to server-side request forgery, caused by an unspecified flaw. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to conduct a blind SSRF attack, allowing the attacker to connect to a local host.

Impact

  • Denial of Service
  • Information Disclosure
  • Unauthorized Access

Indicators Of Compromise

CVE

  • CVE-2022-3759
  • CVE-2022-3411
  • CVE-2022-4138
  • CVE-2023-0518
  • CVE-2022-4255
  • CVE-2022-4335

Affected Vendors

GitLab

Affected Products

  • GitLab Community Edition (CE) 15.7.5
  • GitLab Community Edition (CE) 15.6.6
  • GitLab Enterprise Edition (EE) 15.6.6
  • GitLab Enterprise Edition (EE) 15.7.5
  • GitLab Enterprise Edition (EE) 15.8.0
  • GitLab Community Edition (CE) 15.8.0
  • GitLab 15.4.5
  • GitLab 15.5.4
  • GitLab 15.6.0

Remediation

Upgrade to the latest version of GitLab, available from the GitLab Web site.

GitLab Community Edition

GitLab 15.4.5, 15.5.4, 15.6.0