Request a Demo
Rewterz
Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
March 4, 2022
Rewterz
Rewterz Threat Advisory – CVE-2021-44747 – F-Secure Linux Security Vulnerability
March 4, 2022

Rewterz Threat Advisory – Multiple GitLab Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-0735

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorized user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands. 

CVE-2022-0549

An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not possible to do through the Web UI.

CVE-2022-0751

Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an unauthorized actor to create Snippets with misleading content, which could trick unsuspecting users into executing arbitrary commands.

CVE-2022-0741

Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an unauthorized actor to steal environment variables via specially crafted email addresses.

CVE-2021-4191

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.0 and all versions starting from 14.4 before 14.8. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration by unauthenticated users through the GraphQL API. 

CVE-2022-0738

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, and all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions.

CVE-2022-0489

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15. It was possible to trigger a DOS by using the math feature with a specific formula in issue comments.

Impact

  • Unauthorized Access
  • Privilege Escalation
  • Credential Theft
  • Denial of Service
  • Information Theft

Indicators of Compromise

CVE

  • CVE-2022-0735
  • CVE-2022-0549
  • CVE-2022-0751
  • CVE-2022-0741
  • CVE-2021-4191

Affected Vendors

GitLab

Affected Products

All versions of GitLab CE/EE
GitLab Omnibus prior to 14.8

Remediation

Refer to GitHUB Advisory for patch, upgrade, or suggested workaround information. 

https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/