Advisory

GitLab fixes critical arbitrary file write flaw

Take action: If you are running a GitLab instance, patch as soon as possible. The critical flaw requires authentication, so this is not an unauthenticated emergency, but a leaked or phished credential for a single ordinary account is a realistic scenario on most instances and is all an attacker needs. Do not delay the upgrade.


Learn More

GitLab has addressed multiple security vulnerabilities, including one of critical severity. The flaw, tracked as CVE-2024-0402 (CVSS score 9.9), is an arbitrary file write vulnerability that poses a significant threat to organizations running vulnerable versions of GitLab in production. It allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace, which can lead to complete compromise of the instance. From there an attacker could steal source code and secrets or push malicious changes and artifacts into the pipelines that corporate networks consume.

Affected versions of GitLab include:

  • GitLab Community Edition (CE) and Enterprise Edition (EE) versions from 16.0 up to but not including 16.5.8.
  • GitLab CE/EE versions from 16.6 up to but not including 16.6.6.
  • GitLab CE/EE versions from 16.7 up to but not including 16.7.4.
  • GitLab CE/EE versions from 16.8 up to but not including 16.8.1.

Versions that are not affected:

  • GitLab CE/EE version 16.5.8 and later versions.
  • GitLab CE/EE version 16.6.6 and later versions.
  • GitLab CE/EE version 16.7.4 and later versions.
  • GitLab CE/EE version 16.8.1 and later versions.

GitLab has patched this vulnerability in the fixed releases listed above. On Omnibus (Linux package) installations, users can check their current GitLab version with the command `cat /opt/gitlab/embedded/service/gitlab-rails/VERSION`; `sudo gitlab-rake gitlab:env:info` also reports it. The update not only mitigates this critical risk but also addresses other vulnerabilities of varying severity, including an input validation weakness that could lead to denial-of-service attacks, a user profile API manipulation issue, and the exposure of private user email addresses.
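The script below is added here as a worked example and is not GitLab's own tooling. It turns the affected/fixed version table above into a check you can run on a host or against a list of version strings: it reads the Omnibus VERSION file named above when present (path taken from this advisory) and classifies a version as affected, fixed, out of range (not a 16.x release, so not covered by the table), or unrecognized. The sample version strings in the loop are constructed for illustration.

```shell
#!/bin/sh
# Added example (not GitLab's own tooling): classify a GitLab version string
# against the CVE-2024-0402 fixed-release table quoted in this advisory.
# Accepts Omnibus strings such as "16.7.3-ee" and bare versions like "16.8".

# gitlab_affected VERSION
#   Prints one of:
#     affected      - 16.x release below the fixed release on its branch
#                     (16.0-16.4 have no fixed release; move to 16.5.8+)
#     fixed         - 16.x release at or above the fixed release on its branch
#     out-of-range  - not a 16.x release, so not covered by this table
#     unrecognized  - not a dotted numeric version
#   Always returns 0 so it is safe to call under "set -e".
gitlab_affected() {
    v=${1%%-*}                          # drop "-ce"/"-ee" edition suffix
    case "$v" in
        ''|*[!0-9.]*) echo unrecognized; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $v                           # split major.minor.patch into $1 $2 $3
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}

    if [ "$major" -ne 16 ]; then echo out-of-range; return 0; fi

    verdict=fixed
    case "$minor" in
        0|1|2|3|4) verdict=affected ;;                           # no fix on these branches
        5) if [ "$patch" -lt 8 ]; then verdict=affected; fi ;;   # fixed in 16.5.8
        6) if [ "$patch" -lt 6 ]; then verdict=affected; fi ;;   # fixed in 16.6.6
        7) if [ "$patch" -lt 4 ]; then verdict=affected; fi ;;   # fixed in 16.7.4
        8) if [ "$patch" -lt 1 ]; then verdict=affected; fi ;;   # fixed in 16.8.1
    esac
    echo "$verdict"
    return 0
}

# Check the running Omnibus instance when its VERSION file is present
# (path as given in this advisory), then a few constructed sample strings
# that exercise each verdict.
version_file=/opt/gitlab/embedded/service/gitlab-rails/VERSION
if [ -r "$version_file" ]; then
    installed=$(cat "$version_file")
    printf 'installed %s: %s\n' "$installed" "$(gitlab_affected "$installed")"
fi
for sample in 16.4.3-ee 16.5.7 16.5.8-ce 16.7.3-ee 16.8.0 16.8.1-ee 16.9.0 15.11.13; do
    printf '%-12s %s\n' "$sample" "$(gitlab_affected "$sample")"
done
```

A version that prints "out-of-range" is not cleared by this table; 15.x releases are unsupported and should be upgraded regardless, and anything newer than 16.8 simply postdates the advisory.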

As a mitigating measure, users who cannot immediately upgrade should restrict access to the web interface to an allowlist of trusted source addresses so the instance is not reachable from the entire internet. This is a stopgap, not a fix: the flaw is exploitable by any authenticated user, so an account on the allowlisted network can still abuse it until the instance is upgraded.
