Vakzz

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions 11.11.8 and earlier GitLab Community and Enterprise Edition versions 12.0.6 and earlier GitLab Community and Enterprise Edition versions 12.1.6 and earlier **Description** An issue was discovered in GitLab Community and Enterprise Edition. Gitaly allows injection of command-line flags, which sometimes leads to privilege escalation or remote code execution. **Recommendations** For versions 11.11.8 and earlier, update to version 11.11.8 or later. For versions 12.0.6 and earlier, update to version 12.0.6 or later. For versions 12.1.6 and earlier, update to version 12.1.6 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 13.7 through 15.7.8 GitLab versions 15.8 through 15.8.4 GitLab versions 15.9 through 15.9.2 **Description** An issue has been discovered in GitLab where a specially crafted Kroki diagram could lead to a stored XSS on the client side. This allows attackers to perform arbitrary actions on behalf of victims. **Recommendations** For versions 13.7 through 15.7.8, update to version 15.7.8 or later. For versions 15.8 through 15.8.4, update to version 15.8.4 or later. For versions 15.9 through 15.9.2, update to version 15.9.2 or later. As a temporary workaround, consider disabling the use of Kroki diagrams until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 10.0 through 15.2.5 GitLab versions 15.3 through 15.3.4 GitLab versions 15.4 through 15.4.1 **Description** An issue in GitLab allows an unauthorized user to create issues in a project. **Recommendations** For versions 10.0 through 15.2.5, update to version 15.2.5 or later. For versions 15.3 through 15.3.4, update to version 15.3.4 or later. For versions 15.4 through 15.4.1, update to version 15.4.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 14.4 through 15.2.5 GitLab CE/EE versions 15.3 through 15.3.4 GitLab CE/EE versions 15.4 through 15.4.1 **Description** An issue in the Import functionality allows an authenticated user to read arbitrary projects' content given the project's ID. **Recommendations** For versions 14.4 through 15.2.5, update to version 15.2.5 or later. For versions 15.3 through 15.3.4, update to version 15.3.4 or later. For versions 15.4 through 15.4.1, update to version 15.4.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 11.10 through 15.1.6 GitLab CE/EE versions 15.2 through 15.2.4 GitLab CE/EE versions 15.3 through 15.3.2 **Description** A vulnerability in GitLab CE/EE allows an authenticated user to achieve remote code execution via the "Import from GitHub" API endpoint. The issue is related to the import function from GitHub, which is associated with a lack of data cleaning measures at the management level. This can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For GitLab CE/EE versions 11.10 through 15.1.6, update to a version after 15.1.6. For GitLab CE/EE versions 15.2 through 15.2.4, update to a version after 15.2.4. For GitLab CE/EE versions 15.3 through 15.3.2, update to a version after 15.3.2. As a temporary workaround, consider disabling the "Import from GitHub" API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 14.0 through 14.10.5 GitLab versions 15.0 through 15.0.4 GitLab versions 15.1 through 15.1.1 **Description** The issue is related to the improper assignment of permissions for a critical resource in GitLab, allowing an authenticated user authorized to import projects to import a maliciously crafted project. This can lead to remote code execution. The problem is associated with the Project Imports function in GitLab. **Recommendations** For GitLab versions 14.0 through 14.10.5, update to version 14.10.5 or later. For GitLab versions 15.0 through 15.0.4, update to version 15.0.4 or later. For GitLab versions 15.1 through 15.1.1, update to version 15.1.1 or later. As a temporary workaround, consider restricting access to the project import feature until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 10 through 14.7.7 GitLab CE/EE versions 14.8.0 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.2 **Description** A denial of service issue occurs when rendering RDoc files, allowing an attacker to crash the GitLab web application with a maliciously crafted RDoc file. **Recommendations** For GitLab CE/EE versions 10 through 14.7.7, update to a version outside of this range to resolve the issue. For GitLab CE/EE versions 14.8.0 through 14.8.5, update to a version outside of this range to resolve the issue. For GitLab CE/EE versions 14.9.0 through 14.9.2, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the rendering of RDoc files until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE (affected versions not specified) **Description** The issue is related to improper input validation in GitLab CE/EE when using sendmail to send emails. This allows an attacker to steal environment variables by using specially crafted email addresses. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 14.5 and later **Description** An issue has been discovered in GitLab CE/EE, allowing for arbitrary file read by importing a group due to incorrect handling of files. **Recommendations** For versions 14.5 and later, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 13.3 and later **Description** The issue is related to a stored XSS vulnerability in GitLab, specifically when using the design feature in issues. This vulnerability allows a remote attacker to impact data integrity by exploiting the lack of protection measures for the web page structure. **Recommendations** For GitLab versions 13.3 and later, consider disabling the design feature in issues as a temporary workaround until a patch is available. Restrict access to the design feature to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 13.11 through 13.11.6 GitLab CE/EE versions 13.12 through 13.12.7 GitLab CE/EE versions 14.0 through 14.0.3 **Description** An issue has been discovered in GitLab CE/EE that allows attackers to read arbitrary files on the server by using a specially crafted design image. This issue is related to information disclosure and can be exploited by a remote attacker to access confidential data. **Recommendations** For versions 13.11 through 13.11.6, update to version 13.11.7 or later. For versions 13.12 through 13.12.7, update to version 13.12.8 or later. For versions 14.0 through 14.0.3, update to version 14.0.4 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 11.9 through 13.10.2 GitLab CE/EE versions prior to 14.0 **Description** The issue is related to insufficient input validation in GitLab when parsing image files, allowing remote command execution. This has been exploited in real-world incidents, including a financially motivated operation called "LABRAT" that involves cryptomining and proxyjacking. The operation uses specially crafted image files to gain control over vulnerable GitLab servers, which are then used for malicious activities such as DDoS attacks and selling access to compromised systems. **Recommendations** For GitLab versions 11.9 through 13.10.2, update to version 14.0 or later to resolve the issue. For GitLab CE/EE versions prior to 14.0, update to version 14.0 or later to resolve the issue. As a temporary workaround, consider restricting access to image file uploads or disabling the image parsing functionality until a patch is applied.

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 and later Description: An issue has been discovered in GitLab CE/EE allowing unauthorized authenticated users to execute arbitrary code on the server. Recommendations: For GitLab CE/EE versions 13.2 and later, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab versions prior to 12.10.13 GitLab versions prior to 13.0.8 GitLab versions prior to 13.1.2 **Description** A stored cross-site scripting issue was discovered in GitLab when editing references. **Recommendations** For versions prior to 12.10.13, update to version 12.10.13 or later. For versions prior to 13.0.8, update to version 13.0.8 or later. For versions prior to 13.1.2, update to version 13.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab versions prior to 13.1.2 GitLab versions prior to 13.0.8 GitLab versions prior to 12.10.13 **Description** An issue has been discovered in GitLab, where it was vulnerable to a stored XSS by using the PyPi files API. **Recommendations** For versions prior to 13.1.2, update to version 13.1.2 or later. For versions prior to 13.0.8, update to version 13.0.8 or later. For versions prior to 12.10.13, update to version 12.10.13 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions 12.8 and later **Description** The issue allows exposure of sensitive information to an unauthorized actor via NuGet. **Recommendations** For GitLab EE versions 12.8 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab Community Edition (CE) versions 12.7.x through 12.7.8 GitLab Community Edition (CE) versions 12.8.x through 12.8.8 GitLab Community Edition (CE) versions 12.9.x through 12.9.2 GitLab Enterprise Edition (EE) versions 12.7.x through 12.7.8 GitLab Enterprise Edition (EE) versions 12.8.x through 12.8.8 GitLab Enterprise Edition (EE) versions 12.9.x through 12.9.2 **Description** An issue in GitLab could lead to the exposure of sensitive information via request smuggling, potentially allowing NuGet package and file disclosure. **Recommendations** For GitLab Community Edition (CE) versions 12.7.x through 12.7.8, update to version 12.7.9 or later. For GitLab Community Edition (CE) versions 12.8.x through 12.8.8, update to version 12.8.9 or later. For GitLab Community Edition (CE) versions 12.9.x through 12.9.2, update to version 12.9.3 or later. For GitLab Enterprise Edition (EE) versions 12.7.x through 12.7.8, update to version 12.7.9 or later. For GitLab Enterprise Edition (EE) versions 12.8.x through 12.8.8, update to version 12.8.9 or later. For GitLab Enterprise Edition (EE) versions 12.9.x through 12.9.2, update to version 12.9.3 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab EE/CE versions 8.5 to 12.9 **Description** The issue is related to a path traversal vulnerability that occurs when moving an issue between projects. **Recommendations** For GitLab EE/CE versions 8.5 to 12.9, update to a version that contains a fix for this issue to prevent path traversal attacks.

**Name of the Vulnerable Software and Affected Versions** GitLab versions 8.10 through 12.9 **Description** The issue is related to a Server-Side Request Forgery (SSRF) in the project import note feature. This allows an attacker to forge requests from the server, potentially leading to unauthorized access to internal systems or sensitive data. **Recommendations** For GitLab versions 8.10 through 12.9, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions prior to 12.3.2 GitLab CE/EE versions prior to 12.2.6 GitLab CE/EE versions prior to 12.1.12 **Description** A command injection issue exists that allows an attacker to inject commands via the API through the blobs scope. **Recommendations** For versions prior to 12.3.2, update to version 12.3.2 or later. For versions prior to 12.2.6, update to version 12.2.6 or later. For versions prior to 12.1.12, update to version 12.1.12 or later.