Stay Secure with the Latest Linux Advisories

security advisorydenial of servicehigh severity

Arch Linux Advisory ASA-202105-4 High Severity GitLab Issues

The package gitlab before version 13.10.4-1 is vulnerable to multiple issues including insufficient validation, access restriction bypass, denial of service and information disclosure. . Arch Linux Security Advisory ASA-202105-4 ======================================== Severity: High Date : 2021-05-19 CVE-ID : CVE-2021-22206 CVE-2021-22208 CVE-2021-22209 CVE-2021-22210 CVE-2021-22211 Package : gitlab Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1888 Summary ====== The package gitlab before version 13.10.4-1 is vulnerable to multiple issues including insufficient validation, access restriction bypass, denial of service and information disclosure. Resolution ========= Upgrade to 13.10.4-1. # pacman -Syu "gitlab> =13.10.4-1" The problems have been fixed upstream in version 13.10.4. Workaround ========= None. Description ========== - CVE-2021-22206 (information disclosure) An issue has been discovered in GitLab affecting all versions prior to 11.6. Pull mirror credentials were exposed and could allow other maintainers to view the credentials in plain-text. The issue is fixed in GitLab versions 13.11.2, 13.10.4 and 13.9.7. - CVE-2021-22208 (access restriction bypass) An issue has been discovered in GitLab affecting versions prior to 13.5. Improper permission check could allow the change of timestamp for issue creation or update. The issue is fixed in GitLab versions 13.11.2, 13.10.4 and 13.9.7. - CVE-2021-22209 (insufficient validation) An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed. The issue is fixed in GitLab versions 13.11.2, 13.10.4 and 13.9.7. - CVE-2021-22210 (denial of service) An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount ofresults. The issue is fixed in GitLab versions 13.11.2, 13.10.4 and 13.9.7. - CVE-2021-22211 (access restriction bypass) An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling. The issue is fixed in GitLab versions 13.11.2, 13.10.4 and 13.9.7. Impact ===== A remote attacker could obtain sensitive pull mirror credentials, manipulate issue creation timestamps, execute GraphQL mutations, cause denial of service by generating large API query responses, or impersonate other users. References ========= https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/#pull-mirror-credentials-were-exposed https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/#non-owners-can-set-system_note_timestamp-when-creating--updating-issues https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/#read-api-scoped-tokens-can-execute-mutations https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/#denial-of-service-when-querying-repository-branches-api https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/#deploytoken-will-impersonate-a-user-with-the-same-id-when-using-dependency-proxy https://security.archlinux.org/CVE-2021-22206 https://security.archlinux.org/CVE-2021-22208 https://security.archlinux.org/CVE-2021-22209 https://security.archlinux.org/CVE-2021-22210 https://security.archlinux.org/CVE-2021-22211 . Examine diverse problems influencing GitLab before release 13.10.4-1 in Arch Linux advisory ASA-202105-4.. GitLab Issues, Arch Linux Security, Access Control, Denial of Service. . LinuxSecurity.com Team

May 20, 2021 ArchLinux