GitLab 15.3.1, 15.2.3, thiab 15.1.5 daim kho rau lub platform kev sib koom tes kho qhov tsis muaj zog tseem ceeb (CVE-2022-2884) uas tuaj yeem tso cai rau tus neeg siv uas tau lees paub nrog kev nkag mus rau GitHub cov ntaub ntawv xa tawm API kom ua tiav cov lej ntawm lub server. Cov ntsiab lus ntawm kev siv tsis tau muaj. Qhov tsis muaj zog tau pom los ntawm tus kws tshawb fawb kev ruaj ntseg los ntawm HackerOne qhov kev pab cuam tsis muaj zog.
Ua ib qho kev daws teeb meem, nws raug pom zoo kom tus thawj coj kaw qhov kev ua haujlwm import los ntawm GitHub (hauv GitLab web interface: "Menu" -> "Admin" -> "Settings" -> "General" -> "Visibility and access controls" -> "Import sources" -> lov tes taw "GitHub").
Tau qhov twg los: opennet.ru
