SB2025010944 - Multiple vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE)
Published: January 9, 2025 Updated: January 23, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) File and Directory Information Exposure (CVE-ID: CVE-2025-0194)
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to possible access token exposure in GitLab logs. A remote administrator can log access tokens when API requests are made in a specific manner.
2) Improper access control (CVE-ID: CVE-2024-12431)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote user can manipulate the status of issues in public projects.
3) Improper access control (CVE-ID: CVE-2024-13041)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to instance SAML does not respect external_provider configuration. A remote user which is not marked as external can gain access to internal projects or groups.
Remediation
Install update from vendor's website.
References
- https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/#possible-access-token-exposure-in-gitlab-logs
- https://gitlab.com/gitlab-org/gitlab/-/issues/489459
- https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/#unauthorized-user-can-manipulate-status-of-issues-in-public-projects
- https://gitlab.com/gitlab-org/gitlab/-/issues/508742
- https://hackerone.com/reports/2877710
- https://about.gitlab.com/releases/2025/01/08/patch-release-gitlab-17-7-1-released/