Multiple Vulnerabilities in GitLab

Original Issue Date: May 06, 2022

Severity Rating: HIGH

Software Affected

GitLab versions prior to 14.10.1, 14.9.4 and 14.8.6 for GitLab Community Edition (CE) and Enterprise Edition (EE)
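The affected range above is split across three release branches, so a plain "is my version lower than X" comparison gets it wrong (14.8.6 is fixed while 14.9.3 is not). The following check is an added example, not GitLab's own tooling: it encodes the three fixed versions quoted in this advisory and treats any branch older than 14.8 as unpatched and any branch newer than 14.10 as carrying the fix (both are assumptions, since the advisory only names the three fixed releases). The `version_from_api_payload` helper reads the JSON shape returned by GitLab's `GET /api/v4/version` endpoint from a dictionary you already fetched; it performs no network access.

```python
"""Decide whether a GitLab version string falls inside the affected range
named in this advisory (prior to 14.10.1, 14.9.4 or 14.8.6).

Added example, not GitLab's own code. The fixed releases are the ones
quoted in the advisory; the handling of branches outside 14.8-14.10 is an
assumption documented below.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fixed releases quoted in the advisory, keyed by (major, minor) branch.
FIXED_BY_BRANCH = {
    (14, 10): (14, 10, 1),
    (14, 9): (14, 9, 4),
    (14, 8): (14, 8, 6),
}

# Assumption: branches older than 14.8 received no fix and are affected;
# branches newer than 14.10 were released after the fix and are not.
OLDEST_FIXED_BRANCH = (14, 8)

# Accepts "14.9.3", "v14.9.3", "14.9.3-ee" and "14.9.3-ce.0"; trailing
# edition or build suffixes are ignored.
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Return (major, minor, patch) or None if the string is not a version."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the given version is older than the fixed release for its branch."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unparseable GitLab version: {version!r}")
    branch = (v[0], v[1])
    if branch in FIXED_BY_BRANCH:
        # Same branch as a fixed release: affected only if older than it.
        return v < FIXED_BY_BRANCH[branch]
    # Outside the three fixed branches: older than 14.8 is affected,
    # newer than 14.10 is not (see assumption above).
    return branch < OLDEST_FIXED_BRANCH


def version_from_api_payload(payload: dict) -> str:
    """Extract the version string from a decoded /api/v4/version response.

    The endpoint returns {"version": "<ver>", "revision": "<sha>"}; only the
    "version" key is used here.
    """
    return str(payload["version"])


if __name__ == "__main__":
    # Constructed sample payload, as the API would return it after decoding.
    sample_payload = {"version": "14.9.3-ee", "revision": "0123456789ab"}
    ver = version_from_api_payload(sample_payload)
    state = "AFFECTED" if is_affected(ver) else "not affected"
    print(f"GitLab {ver}: {state} (fixed in 14.10.1 / 14.9.4 / 14.8.6)")
```

Run it against the version string from your own instance; the branch-aware comparison is the part worth keeping, because patch-level backports are exactly where a naive version-ordering check misclassifies hosts.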

Overview

Multiple vulnerabilities have been reported in GitLab, which could be exploited by an attacker to trigger a denial of service condition, sensitive information disclosure, improper authentication, security restriction bypass, spoofing and cross-site scripting on the targeted system.

Description

These vulnerabilities exist in GitLab due to improper access control in the CI/CD cache mechanism, ReDoS on the CI Editor and CI Pipeline detail pages, a user with the Developer role (group) being able to modify the Protected Branches "allowed to merge" setting on an imported project, a Maintainer being able to execute a scheduled CI pipeline as another user, missing input masking on sensitive integration properties, the API disclosing issue titles of limited projects, an improper rack-attack discriminator for the authenticated Packages API with a deploy token, improper access control in a project-members-only Wiki, a Guest project member being able to access the trace log of jobs when it is enabled, HTML and CSS injection in pipeline error messages, forging GET requests through and denying service of the simple PyPI API endpoint, missing invalidation of the markdown cache causing potential XSS payloads to persist, and the Conan API incorrectly processing JWT-encoded personal access tokens.

Successful exploitation of these vulnerabilities could allow an attacker to trigger a denial of service condition, sensitive information disclosure, improper authentication, security restriction bypass, spoofing and cross-site scripting on the targeted system.

Solution

Apply the appropriate updates as described in the GitLab Security Release:

https://about.gitlab.com/releases/2022/05/02/security-release-gitlab-14-10-1-released/
