{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-064.pdf"
    },
    "title": "Vulnerabilities in GitLab",
    "serial_number": "2024-064",
    "publish_date": "28-06-2024 17:37:21",
    "description": "On June 26, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger a pipeline as another user under certain circumstances.<br>\n",
    "url_title": "2024-064",
    "content_markdown": "---\ntitle: 'Vulnerabilities in GitLab'\nnumber: '2024-064'\nversion: '1.0'\noriginal_date: 'June 26, 2024'\ndate: 'June 28, 2024'\n---\n\n_History:_\n\n* _28/06/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn June 26, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger a pipeline as another user under certain circumstances [1].\n\n# Technical Details\n\n- The critical vulnerability `CVE-2024-5655`, with a CVSS score of 9.6, allows an attacker to trigger a pipeline as another user under certain circumstances. GitLab pipelines are a feature of the Continuous Integration/Continuous Deployment (CI/CD) system that enables users to automatically run processes and tasks, either in parallel or in sequence, to build, test, or deploy code changes.\n\n- The vulnerability `CVE-2024-4901`, with a CVSS score of 8.7, is an issue where a stored XSS vulnerability could be imported from a project with malicious commit notes.\n\n- The vulnerability `CVE-2024-4994`, with a CVSS score of 8.1, allows for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations.\n\n- The vulnerability `CVE-2024-6323`, with a CVSS score of 7.5, allows an attacker to leak the content of a private repository in a public project.\n\n# Affected Products\n\nThe following versions of GitLab CE/EE are affected:\n\n- from 15.8 prior to 16.11.5\n- from 17.0 prior to 17.0.3\n- from 17.1 prior to 17.1.1.\n\n# Recommendations\n\nCERT-EU strongly recommends updating software installations to the latest versions by following the instructions given by the vendor [1].\n\n# References\n\n[1] <https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>28/06/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On June 26, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger a pipeline as another user under certain circumstances [1].</p><h2 id=\"technical-details\">Technical Details</h2><ul><li><p>The critical vulnerability <code>CVE-2024-5655</code>, with a CVSS score of 9.6, allows an attacker to trigger a pipeline as another user under certain circumstances. GitLab pipelines are a feature of the Continuous Integration/Continuous Deployment (CI/CD) system that enables users to automatically run processes and tasks, either in parallel or in sequence, to build, test, or deploy code changes.</p></li><li><p>The vulnerability <code>CVE-2024-4901</code>, with a CVSS score of 8.7, is an issue where a stored XSS vulnerability could be imported from a project with malicious commit notes.</p></li><li><p>The vulnerability <code>CVE-2024-4994</code>, with a CVSS score of 8.1, allows for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations.</p></li><li><p>The vulnerability <code>CVE-2024-6323</code>, with a CVSS score of 7.5, allows an attacker to leak the content of a private repository in a public project.</p></li></ul><h2 id=\"affected-products\">Affected Products</h2><p>The following versions of GitLab CE/EE are affected:</p><ul><li>from 15.8 prior to 16.11.5</li><li>from 17.0 prior to 17.0.3</li><li>from 17.1 prior to 17.1.1.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU strongly recommends updating software installations to the latest versions by following the instructions given by the vendor [1].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released/\">https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}