GitLab has published corrective releases 16.8.1, 16.7.4, 16.6.6 and 16.5.8 of its collaborative development platform, fixing 5 vulnerabilities. One of them (CVE-2024-0402), present since GitLab 16.0, is rated critical: it allows an authenticated user to write files to any directory on the server, limited only by the access rights of the account under which the GitLab web interface runs.
The vulnerability stems from a flaw in the workspace creation feature and is triggered when parsing devfile parameters supplied in malformed YAML. The patch addresses it by converting the YAML to JSON and checking for constructs that are valid in YAML but invalid in JSON because of certain Unicode characters they contain. Full details are to be disclosed 30 days after the patch release. The issue was found during an internal audit by a GitLab employee.
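The YAML-to-JSON check described above can be illustrated with a small validator. The following Ruby code is an added example written for this article; it is not GitLab's patch, and since the exact constructs GitLab rejects have not been disclosed, the set of characters flagged here (control characters, C1 controls, line/paragraph separators, BOM and noncharacters) and the requirement that mapping keys be strings are assumptions. The devfile inputs are constructed for the example.

```ruby
require 'yaml'
require 'json'

# Characters a YAML double-quoted scalar may carry via escapes such as "\x00"
# or "\u2028" but that must not reach a JSON consumer unescaped. This set is
# an assumption for the example, not the list used by GitLab.
SUSPICIOUS_CHARS = /[\u0000-\u001F\u007F\u0080-\u009F\u2028\u2029\uFEFF\uFFFE\uFFFF]/

# Walk the parsed document and record every construct that YAML accepts but
# JSON cannot represent faithfully (non-string keys, suspicious characters).
def scan_node(node, path, errors)
  case node
  when Hash
    node.each do |k, v|
      unless k.is_a?(String)
        errors << "#{path}: mapping key #{k.inspect} is not a string (JSON requires string keys)"
      end
      scan_node(k, path, errors)
      scan_node(v, "#{path}/#{k}", errors)
    end
  when Array
    node.each_with_index { |v, i| scan_node(v, "#{path}[#{i}]", errors) }
  when String
    unless node.valid_encoding?
      errors << "#{path}: string is not valid UTF-8"
      return
    end
    if (m = node.match(SUSPICIOUS_CHARS))
      code = m[0].ord.to_s(16).rjust(4, '0').upcase
      errors << "#{path}: contains U+#{code}, legal in YAML but not allowed unescaped in JSON"
    end
  end
end

# Returns an empty array for an acceptable devfile, otherwise a list of findings.
# safe_load refuses custom tags and aliases; the remaining checks catch what a
# permissive YAML parser would still let through into the JSON representation.
def validate_devfile(yaml_text)
  errors = []
  doc = YAML.safe_load(yaml_text, aliases: false)
  scan_node(doc, '', errors)
  if errors.empty?
    json = JSON.generate(doc)
    errors << 'document does not survive a YAML -> JSON -> YAML round trip' unless JSON.parse(json) == doc
  end
  errors
rescue Psych::Exception, JSON::JSONError => e
  ["parse error: #{e.message}"]
end

# Constructed sample devfiles (not real GitLab data).
GOOD_DEVFILE = <<~YAML
  schemaVersion: 2.2.0
  components:
    - name: tooling
      container:
        image: registry.example.com/tooling:latest
YAML

# Same document, but the component name smuggles a NUL byte through a YAML escape.
BAD_DEVFILE = <<~YAML
  schemaVersion: 2.2.0
  components:
    - name: "tool\\u0000ing"
      container:
        image: registry.example.com/tooling:latest
YAML

# Integer keys are fine in YAML but silently become strings in JSON.
NON_STRING_KEYS = "1: first\n2: second\n"

if __FILE__ == $0
  [GOOD_DEVFILE, BAD_DEVFILE, NON_STRING_KEYS].each do |src|
    findings = validate_devfile(src)
    puts(findings.empty? ? 'accepted' : findings.join("\n"))
  end
end
```

The round-trip comparison at the end is the general form of the check: anything that changes between the parsed YAML and the re-parsed JSON is a construct the two formats disagree on, and a file-handling component downstream should never see such input.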
Source: opennet.ru
