Zosintha zowongolera pa nsanja yachitukuko ya GitLab 15.3.1, 15.2.3 ndi 15.1.5 kuthetsa kusatetezeka kwambiri (CVE-2022-2884) komwe kumalola wogwiritsa ntchito wovomerezeka kukhala ndi mwayi wofikira ku API kuti alowetse deta kuchokera ku GitHub kuti apereke khodi patali. seva. Zambiri zogwirira ntchito sizinaperekedwebe. Kusatetezekako kudazindikirika ndi wofufuza zachitetezo ngati gawo la pulogalamu yachiwopsezo ya HackerOne.
Monga njira yogwirira ntchito, tikulimbikitsidwa kuti woyang'anira aletse ntchito yolowetsa kuchokera ku GitHub (mu mawonekedwe a intaneti a GitLab: "Menyu" -> "Admin" -> "Zikhazikiko" -> "General" -> "Mawonekedwe ndi zowongolera" - > "Zochokera kuzinthu" -> zimitsani "GitHub").
Source: opennet.ru