Ashish

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.7 through 17.1.7 GitLab CE/EE versions 17.2 through 17.2.5 GitLab CE/EE versions 17.3 through 17.3.2 Description: An issue was discovered in GitLab CE/EE where group runners information was disclosed to unauthorized group members. The issue is related to the Group Member Handler component and involves bypassing authorization via a user-controlled key, allowing a remote attacker to gain unauthorized access to protected information. Recommendations: For GitLab CE/EE versions 16.7 through 17.1.7, update to version 17.1.7 or later. For GitLab CE/EE versions 17.2 through 17.2.5, update to version 17.2.5 or later. For GitLab CE/EE versions 17.3 through 17.3.2, update to version 17.3.2 or later. As a temporary workaround, consider restricting access to group runners information to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1 through 16.11.5 GitLab CE/EE versions 17.0 through 17.0.3 GitLab CE/EE versions 17.1 through 17.1.1 Description: The issue is related to inadequate access control in GitLab, a collaborative coding platform. It allows a non-project member to promote key results to objectives, potentially leading to unauthorized access to protected information. Recommendations: For versions 16.1 through 16.11.5, update to version 16.11.5 or later. For versions 17.0 through 17.0.3, update to version 17.0.3 or later. For versions 17.1 through 17.1.1, update to version 17.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 16.8 prior to 16.8.4 GitLab versions 16.9 prior to 16.9.2 **Description** A privilege escalation issue was discovered in GitLab. It was possible for a user with a custom role of `manage group access tokens` to rotate group access tokens with owner privileges. **Recommendations** For GitLab versions 16.8 prior to 16.8.4, update to version 16.8.4 or later. For GitLab versions 16.9 prior to 16.9.2, update to version 16.9.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions 16.0 through 16.4.3 GitLab EE versions 16.5 through 16.5.3 GitLab EE versions 16.6 through 16.6.1 **Description** A privilege escalation issue in GitLab EE allows a project Maintainer to use a Project Access Token to escalate their role to Owner. **Recommendations** For versions 16.0 through 16.4.3, update to version 16.4.4 or later. For versions 16.5 through 16.5.3, update to version 16.5.4 or later. For versions 16.6 through 16.6.1, update to version 16.6.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 15.5 through 15.7.7 GitLab versions 15.8 through 15.8.3 GitLab versions 15.9 through 15.9.1 **Description** An issue has been discovered in GitLab where non-project members could retrieve release descriptions via the API, even if the release visibility is restricted to project members only in the project settings. **Recommendations** For versions 15.5 through 15.7.7, update to version 15.7.8 or later. For versions 15.8 through 15.8.3, update to version 15.8.4 or later. For versions 15.9 through 15.9.1, update to version 15.9.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions prior to 15.4.6 GitLab EE version 15.5 prior to 15.5.5 GitLab EE version 15.6 prior to 15.6.1 **Description** A blind SSRF vulnerability was identified which allows an attacker to connect to a local host. **Recommendations** For GitLab EE versions prior to 15.4.6, update to version 15.4.6 or later. For GitLab EE version 15.5 prior to 15.5.5, update to version 15.5.5 or later. For GitLab EE version 15.6 prior to 15.6.1, update to version 15.6.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 11.3 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.3 GitLab CE/EE versions 15.5 through 15.5.1 **Description** An issue with access control in GitLab CE/EE allowed unauthorized users to view release names, even when releases were restricted to project members only. **Recommendations** For GitLab CE/EE versions 11.3 through 15.3.4, update to version 15.3.5 or later. For GitLab CE/EE versions 15.4 through 15.4.3, update to version 15.4.4 or later. For GitLab CE/EE versions 15.5 through 15.5.1, update to version 15.5.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions 12.5 through 14.10.4 GitLab EE versions 15.0 through 15.0.3 GitLab EE versions 15.1 through 15.1.0 **Description** An information disclosure issue in GitLab EE allows the disclosure of release titles if group milestones are associated with any project releases. **Recommendations** For versions 12.5 through 14.10.4, update to version 14.10.5 or later. For versions 15.0 through 15.0.3, update to version 15.0.4 or later. For versions 15.1 through 15.1.0, update to version 15.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 12.0 to 14.3.6 GitLab CE/EE versions 14.4 to 14.4.4 GitLab CE/EE versions 14.5 to 14.5.2 **Description** An information disclosure issue allowed non-project members to see the default branch name for projects that restrict access to the repository to project members. **Recommendations** For versions 12.0 to 14.3.6, update to a version outside of this range to resolve the issue. For versions 14.4 to 14.4.4, update to a version outside of this range to resolve the issue. For versions 14.5 to 14.5.2, update to a version outside of this range to resolve the issue.

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.6 and later Description: The issue allows an attacker to see pending invitations of any public group or public project by visiting a specific "API endpoint". Recommendations: For GitLab CE/EE versions 13.6 and later, consider restricting access to the API endpoint until a patch is available.

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.8 and above Description: An issue has been discovered allowing an authenticated user to delete incident metric images of public projects. Recommendations: For GitLab CE/EE versions 13.8 and above, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions 13.3 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 **Description** Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. **Recommendations** For versions 13.3 through 13.3.8, update to version 13.3.9 or later to resolve the issue. For versions 13.4 through 13.4.4, update to version 13.4.5 or later to resolve the issue. For versions 13.5 through 13.5.1, update to version 13.5.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 **Description** A vulnerability was discovered that allows project reporters and above to see confidential EPIC attached to confidential issues. **Recommendations** For versions prior to 13.1.10, update to version 13.1.10 or later. For versions prior to 13.2.8, update to version 13.2.8 or later. For versions prior to 13.3.4, update to version 13.3.4 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions 12.0 through 12.2.1 **Description** An issue was discovered that could result in disclosure of private milestones, labels, and other information due to an IDOR in the epic notes API. **Recommendations** For GitLab Community and Enterprise Edition versions 12.0 through 12.2.1, consider restricting access to the epic notes API until a fix is available. As a temporary workaround, avoid using the epic notes API to minimize the risk of information disclosure.