GitLab has resolved a raft of vulnerabilities – including two high-impact web security flaws – with an update to its software development platform.
A cross-site request forgery (CSRF) vulnerability in GitLab’s GraphQL API created a means for an attacker to call mutations while posing as their victim.
A second high severity vulnerability meant that the GitLab Webhook feature could be abused to perform denial-of-service (DoS) attacks.
GitLab bug bounty
The DoS vulnerability was discovered by researcher ‘afewgoats’ and disclosed through a GitLab bug bounty program run by HackerOne.
CVE trackers have been requested for both high impact vulnerabilities, but identifiers are yet to be assigned.
The Daily Swig invited to ‘afewgoats’ to comment on the flaw they discovered. No word back as yet but we’ll update this story as and when more information comes to hand.
The CRSF and DoS issues – as well as an array of lesser flaws – can be resolved by updating installations to the most recent version of GitLab.
The platform update also tackles 15 medium severity and two low-impact flaws, as explained in a security alert from GitLab.
These additional flaws include a clipboard DOM-based cross-site scripting (XSS) issue, a reflected XSS in release edit pages, and a stored XSS on audit log issue, among other flaws.
Source: https://portswigger.net/daily-swig/gitlab-triages-bug-bounty-reported-flaws-with-latest-release