On March 19, 2021, NSFOCUS detected that GitLab released patches for a code execution vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE), which was assigned a CVSS base score of 9.9. Unauthorized authenticated attackers could craft malicious requests via controllable markdown rendering options, thereby executing arbitrary code on the server.
GitLab is an open-source project for warehouse management systems. Using Git as a code management tool, it can access public or private projects through a web-based manager.
Reference link: https://about.gitlab.com/releases/2021/03/17/security-release-gitlab-13-9-4-released/
Scope of Impact
- Gitlab CE/EE < 13.9.4
- Gitlab CE/EE < 13.8.6
- Gitlab CE/EE < 13.7.9
Note: Gitlab CE/EE 13.2 and later are affected by the vulnerability.
- Gitlab CE/EE 13.9.4
- Gitlab CE/EE 13.8.6
- Gitlab CE/EE 13.7.9
Check for the Vulnerability
Users can determine whether their application is vulnerable by checking the current version. To check the current GitLab version, run the following command:
If it is one of the affected versions, the application is vulnerable.
Currently, this vulnerability has been fixed in the latest version. If you are affected by this vulnerability, please upgrade your installation as soon as possible via https://about.gitlab.com/update/.
If related users cannot upgrade for the time being, they can use a whitelist to restrict access to web ports.
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.