CVE-2024-9164: GitLab Patches Critical Security Hole
GitLab has released security updates for both its Community Edition (CE) and Enterprise Edition (EE), addressing eight vulnerabilities, including a critical flaw that could allow the execution of CI/CD pipelines on arbitrary branches.
One of the vulnerabilities, tracked as CVE-2024-9164, received a near-maximum CVSS score of 9.6 out of 10. According to the official GitLab advisory, the vulnerability affects EE versions from 12.5 to 17.2.9, from 17.3 to 17.3.5, and from 17.4 to 17.4.2. The flaw allows an attacker to run CI/CD pipelines on repository branches they are not authorized to use.
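Administrators of self-hosted instances usually want a quick answer to "is my version in one of those ranges?", and the classic mistake is comparing version strings lexically, where "17.10.0" sorts before "17.9.0". The following checker is an added example written for this article, not code from GitLab or its advisory. It encodes the three ranges quoted above, treats the upper bound of each range as the patched release (17.2.9, 17.3.5 and 17.4.2) and therefore as exclusive, which is an assumption about the advisory's wording, and treats a version without an edition suffix conservatively, since the article states that the issue affects EE.

```python
"""Check whether a GitLab version string falls inside the CVE-2024-9164
affected ranges quoted in the article.  Added example, not GitLab code."""

# Affected ranges from the advisory as (first affected, first fixed).
# Assumption: the upper bound of each range is the patched release and
# is therefore excluded from the affected set.
AFFECTED_RANGES = [
    ((12, 5, 0), (17, 2, 9)),
    ((17, 3, 0), (17, 3, 5)),
    ((17, 4, 0), (17, 4, 2)),
]


def parse_version(text):
    """Parse 'MAJOR.MINOR[.PATCH][-ee|-ce]' into ((major, minor, patch), edition).

    GitLab reports versions such as '17.4.1-ee'.  Numeric tuples are compared
    component by component, which avoids the lexical-comparison bug where
    '17.10.0' < '17.9.0' as strings.  A missing PATCH component is read as 0.
    """
    core, _, suffix = text.strip().partition("-")
    parts = core.split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    nums = nums + (0,) * (3 - len(nums))
    suffix = suffix.lower()
    edition = suffix if suffix in ("ee", "ce") else None
    return nums, edition


def is_affected(version_text):
    """True if the version is inside an affected range.

    The advisory lists EE only, so a '-ce' build is reported as not affected.
    A version with no edition suffix is treated as affected (conservative).
    """
    version, edition = parse_version(version_text)
    if edition == "ce":
        return False
    return any(low <= version < fixed for low, fixed in AFFECTED_RANGES)


def nearest_fixed_version(version_text):
    """Return the lowest patched release at or above the given version,
    or None if the version is not in an affected range."""
    version, edition = parse_version(version_text)
    if edition == "ce":
        return None
    for low, fixed in AFFECTED_RANGES:
        if low <= version < fixed:
            return ".".join(str(n) for n in fixed)
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not real inventory data.
    for sample in ("17.4.1-ee", "17.4.2-ee", "17.3.0-ee", "16.0.0-ee", "17.4.1-ce"):
        print(f"{sample:12} affected={is_affected(sample)!s:5} "
              f"upgrade_to={nearest_fixed_version(sample)}")
```

The version string can be taken from the instance's admin area or from the authenticated `/api/v4/version` endpoint; the checker deliberately accepts a plain string so it can be run against an inventory export offline.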
The remaining seven vulnerabilities include four with high severity, two with medium severity, and one with low severity. Let us examine the vulnerabilities with the highest ratings in more detail:
- CVE-2024-8970 (CVSS score: 8.2) — allows an attacker to execute pipelines on behalf of another user under certain conditions.
- CVE-2024-8977 (CVSS score: 8.2) — permits SSRF attacks when the Product Analytics Dashboard is enabled.
- CVE-2024-9631 (CVSS score: 7.5) — causes performance degradation when viewing conflicts in merge requests.
- CVE-2024-6530 (CVSS score: 7.3) — an HTML injection vulnerability on the OAuth authorization page, i.e. a cross-site scripting (XSS) issue.
The remaining three vulnerabilities allow deployment keys to modify archived repositories (CVE-2024-9623), permit guests to expose project templates via the API (CVE-2024-5005), and enable unauthorized users to determine the version of GitLab (CVE-2024-9596).
These updates continue GitLab’s recent streak of pipeline-related vulnerability fixes. In September, the company addressed another critical vulnerability (CVE-2024-6678, CVSS score: 9.9) that allowed pipeline jobs to be executed on behalf of arbitrary users.
Previously, three similar vulnerabilities were patched—CVE-2023-5009, CVE-2024-5655, and CVE-2024-6385—each with a CVSS score of 9.6.
At present, there are no reports of active exploitation of the newly patched vulnerabilities. Nonetheless, users are strongly urged to update their GitLab installations to protect against potential threats.