{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-096.pdf"
    },
    "title": "Vulnerabilities in GitLab",
    "serial_number": "2024-096",
    "publish_date": "13-09-2024 15:05:42",
    "description": "On September 11, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger pipelines as arbitrary users under certain conditions.<br>\n",
    "url_title": "2024-096",
    "content_markdown": "---\ntitle: 'Vulnerabilities in GitLab'\nnumber: '2024-096'\nversion: '1.0'\noriginal_date: '2024-09-11'\ndate: '2024-09-13'\n---\n\n_History:_\n\n* _13/09/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn September 11, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger pipelines as arbitrary users under certain conditions [1].\n\n# Technical Details\n\n- The critical vulnerability **CVE-2024-6678**, with a CVSS score of 9.9, allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances. GitLab pipelines are a feature of the Continuous Integration/Continuous Deployment (CI/CD) system that enables users to automatically run processes and tasks, either in parallel or in sequence, to build, test, or deploy code changes.\n\n- The vulnerability **CVE-2024-8640**, with a CVSS score of 8.5, allows an attacker to inject commands into a connected Cube server.\n\n- The vulnerability **CVE-2024-8635**, with a CVSS score of 7.7, allows an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL.\n\n- The vulnerability **CVE-2024-8124**, with a CVSS score of 7.5, allows an attacker to cause a Denial of Service by sending a large `glm_source` parameter.\n\n# Affected Products\n\nThe following versions of GitLab CE/EE are affected:\n\n- from 8.14 up to 17.1.7;\n- from 17.2 prior to 17.2.5;\n- from 17.3 prior to 17.3.2.\n\n# Recommendations\n\nCERT-EU strongly recommends updating affected GitLab instances to the latest versions [1].\n\n# References\n\n[1] <https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>13/09/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On September 11, 2024, GitLab released a security advisory addressing several vulnerabilities, one of which is critical, allowing an attacker to trigger pipelines as arbitrary users under certain conditions [1].</p><h2 id=\"technical-details\">Technical Details</h2><ul><li><p>The critical vulnerability <strong>CVE-2024-6678</strong>, with a CVSS score of 9.9, allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances. GitLab pipelines are a feature of the Continuous Integration/Continuous Deployment (CI/CD) system that enables users to automatically run processes and tasks, either in parallel or in sequence, to build, test, or deploy code changes.</p></li><li><p>The vulnerability <strong>CVE-2024-8640</strong>, with a CVSS score of 8.5, allows an attacker to inject commands into a connected Cube server.</p></li><li><p>The vulnerability <strong>CVE-2024-8635</strong>, with a CVSS score of 7.7, allows an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL.</p></li><li><p>The vulnerability <strong>CVE-2024-8124</strong>, with a CVSS score of 7.5, allows an attacker to cause a Denial of Service by sending a large <code>glm_source</code> parameter.</p></li></ul><h2 id=\"affected-products\">Affected Products</h2><p>The following versions of GitLab CE/EE are affected:</p><ul><li>from 8.14 up to 17.1.7;</li><li>from 17.2 prior to 17.2.5;</li><li>from 17.3 prior to 17.3.2.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU strongly recommends updating affected GitLab instances to the latest versions [1].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/\">https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}