{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-026.pdf"
    },
    "title": "Vulnerabilities in GitLab",
    "serial_number": "2024-026",
    "publish_date": "08-03-2024 09:11:28",
    "description": "On March 6, 2024, GitLab released a security advisory addressing several vulnerabilities that could lead to a security policy bypass and a breach of data confidentiality.<br>\n",
    "url_title": "2024-026",
    "content_markdown": "---\ntitle: 'Vulnerabilities in GitLab'\nnumber: '2024-026'\nversion: '1.0'\noriginal_date: 'March 6, 2024'\ndate: 'March 8, 2024'\n---\n\n_History:_\n\n* _08/03/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn March 6, 2024, GitLab released a security advisory addressing several vulnerabilities that could lead to a security policy bypass and a breach of data confidentiality [1].\n\n# Technical Details\n\n- The vulnerability `CVE-2024-0199`, with a CVSS score of 7.7, allows an attacker to bypass CODEOWNERS approval by using a crafted payload in an old feature branch, enabling the theft of protected variables and other malicious actions.\n- The vulnerability `CVE-2024-1299`, with a CVSS score of 6.5, allows a user with the custom role `manage_group_access_tokens` to rotate group access tokens with owner privileges.\n\n# Affected Products\n\n- GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions prior to 16.7.7;\n- GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions 16.8.x prior to 16.8.4;\n- GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions 16.9.x prior to 16.9.2.\n\n# Recommendations\n\nCERT-EU strongly recommends updating software installations to the latest versions by following the instructions given by the vendor [1].\n\n# References\n\n[1] <https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>08/03/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On March 6, 2024, GitLab released a security advisory addressing several vulnerabilities that could lead to a security policy bypass and a breach of data confidentiality [1].</p><h2 id=\"technical-details\">Technical Details</h2><ul><li>The vulnerability <code>CVE-2024-0199</code>, with a CVSS score of 7.7, allows an attacker to bypass CODEOWNERS approval by using a crafted payload in an old feature branch, enabling the theft of protected variables and other malicious actions.</li><li>The vulnerability <code>CVE-2024-1299</code>, with a CVSS score of 6.5, allows a user with the custom role <code>manage_group_access_tokens</code> to rotate group access tokens with owner privileges.</li></ul><h2 id=\"affected-products\">Affected Products</h2><ul><li>GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions prior to 16.7.7;</li><li>GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions 16.8.x prior to 16.8.4;</li><li>GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions 16.9.x prior to 16.9.2.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU strongly recommends updating software installations to the latest versions by following the instructions given by the vendor [1].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/\">https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}