GitLab, an open-source end-to-end software development platform, has released a security update to fix a critical-severity vulnerability affecting both GitLab Community Edition (CE) and Enterprise Edition (EE). With approximately 30 million registered users, GitLab assists developers and organizations in building, securing, and operating software. The vulnerability, identified as CVE-2023-2825, leads to arbitrary file reads and has received the highest CVSS score of 10.
GitLab stated in an advisory, “An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.” GitLab plans to publish further details about the bug next month, once 30 days have passed since the patch was made available.
The issue first appeared in GitLab CE/EE version 16.0.0 and was resolved on Tuesday with the release of version 16.0.1 of the platform. A researcher named ‘pwnie’ reported the flaw through GitLab’s HackerOne-hosted bug bounty program. Due to the severity of the bug, all GitLab users running version 16.0.0 of GitLab CE or EE are strongly advised to upgrade to the latest version of the platform as soon as possible. The patch has already been deployed on GitLab.com.
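A defender-side triage helper for the two actionable facts above (the affected and fixed versions, and the path-traversal nature of the bug), added here as an example rather than code from GitLab or the advisory. It checks a reported GitLab version string against 16.0.0 / 16.0.1 and scans constructed access-log lines for attachment requests whose decoded path climbs out of the uploads directory; the `/uploads/` path segment and the nginx-style log format are assumptions, not details from the advisory.

```python
import re
from urllib.parse import unquote

# Constructed, hypothetical access-log lines (nginx "combined" style), not real GitLab traffic.
# The /uploads/ segment is an assumption about where attachments are served, not an advisory detail.
SAMPLE_LOG = """\
203.0.113.5 - - [25/May/2023:10:00:01 +0000] "GET /g1/g2/g3/g4/g5/proj/uploads/abc123/readme.png HTTP/1.1" 200 512
203.0.113.9 - - [25/May/2023:10:00:02 +0000] "GET /g1/g2/g3/g4/g5/proj/uploads/abc123/..%2F..%2F..%2Fsome-file HTTP/1.1" 200 1024
203.0.113.9 - - [25/May/2023:10:00:03 +0000] "GET /g1/proj/uploads/abc123/%252e%252e/%252e%252e/other HTTP/1.1" 404 100
"""

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<path>\S+) HTTP/[\d.]+"')
UPLOAD_SEGMENT = "/uploads/"  # assumed attachment prefix

def decode_path(raw: str) -> str:
    """Drop the query string and percent-decode until stable, so double-encoded
    sequences such as %252e%252e collapse to '..' before the check runs."""
    path = raw.split("?", 1)[0]
    for _ in range(3):  # bounded; covers double and triple encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def has_traversal(path: str) -> bool:
    """True when the decoded path contains a bare '..' segment, i.e. it tries
    to climb out of the directory the attachment should be served from."""
    return ".." in decode_path(path).split("/")

def flag_traversal_requests(log_text: str) -> list[tuple[int, str, str]]:
    """Return (line number, client IP, decoded path) for attachment requests whose
    path carries a traversal segment. The status code is deliberately ignored:
    a 404 still records probing worth correlating with other events."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if m and UPLOAD_SEGMENT in decode_path(m["path"]) and has_traversal(m["path"]):
            hits.append((n, line.split()[0], decode_path(m["path"])))
    return hits

def version_affected(version: str) -> bool:
    """CVE-2023-2825 was introduced in 16.0.0 and fixed in 16.0.1, so only the
    16.0.0 release line (including '-ee' or '-pre' suffixes) is affected."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {version!r}")
    return tuple(int(x) for x in m.groups()) == (16, 0, 0)
```

The version string can be taken from the authenticated `GET /api/v4/version` endpoint or from `gitlab-rake gitlab:env:info` on the host; the log scan is a coarse indicator and should be correlated with application-side logs before drawing conclusions.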
GitLab has not reported any instances of this vulnerability being exploited in the wild. The company has previously patched other critical flaws, including remote code execution and account takeover vulnerabilities.