GitLab Patches Critical RCE Vulnerability

⚡ TL;DR | Go Straight to the GitLab Report

GitLab has released versions 15.3.1, 15.2.3 and 15.1.5 of its Community Edition (CE) and Enterprise Edition (EE) to fix a critical Remote Command Execution (RCE) vulnerability. An attacker who exploits it could run code on the GitLab server, plant malware or backdoors, or take complete control of the machine.

CVE-2022-2884

The vulnerability, tracked as CVE-2022-2884, received a critical CVSS score of 9.9 and allows an authenticated user to trigger remote code execution via the GitHub import API. It affects all versions of GitLab CE/EE from 11.3.4 before 15.1.5, 15.2 before 15.2.3, and 15.3 before 15.3.1. GitLab strongly recommends that all users update their installations to one of the fixed versions (15.3.1, 15.2.3 or 15.1.5) as soon as possible. GitLab.com is already running the patched version.

Disabling the GitHub Import Option

If you cannot update your GitLab installation right away, you can protect it against this vulnerability by disabling the GitHub import source, which removes the affected code path. Log in to your GitLab installation with an administrator account and perform the following:

  1. Click "Menu" -> "Admin".
  2. Click "Settings" -> "General".
  3. Expand the "Visibility and access controls" tab.
  4. Under "Import sources" disable the "GitHub" option.
  5. Click "Save changes".
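The same workaround can be applied without the UI through GitLab's Application Settings API, which exposes the list of enabled importers as the `import_sources` setting. The script below is an added example (not GitLab's or Lansweeper's code); it assumes the instance URL and an administrator's personal access token are supplied in the hypothetical environment variables `GITLAB_URL` and `GITLAB_ADMIN_TOKEN`, and it only talks to the instance when run as a script, so the helpers can be checked offline against the constructed sample settings:

```python
import json
import os
import urllib.request

SETTINGS_PATH = "/api/v4/application/settings"

# Constructed sample of the relevant part of a GET /application/settings
# response, so the helpers below can be exercised without a live instance.
SAMPLE_SETTINGS = {"import_sources": ["github", "gitlab", "git", "bitbucket"]}


def without_github(import_sources):
    """Return the import-source list with the GitHub importer removed.

    Idempotent: a list that already lacks "github" comes back unchanged, so
    re-running the script (for example after patching) is harmless.
    """
    return [source for source in import_sources if source != "github"]


def build_settings_request(base_url, token, import_sources):
    """Build, but do not send, PUT /api/v4/application/settings."""
    payload = json.dumps({"import_sources": without_github(import_sources)})
    return urllib.request.Request(
        base_url.rstrip("/") + SETTINGS_PATH,
        data=payload.encode("utf-8"),
        method="PUT",
        headers={"PRIVATE-TOKEN": token, "Content-Type": "application/json"},
    )


def fetch_settings(base_url, token):
    """GET the current application settings (requires an admin token)."""
    request = urllib.request.Request(
        base_url.rstrip("/") + SETTINGS_PATH, headers={"PRIVATE-TOKEN": token}
    )
    with urllib.request.urlopen(request, timeout=30) as response:
        return json.load(response)


def main():
    base_url = os.environ["GITLAB_URL"]        # hypothetical, e.g. https://gitlab.example.internal
    token = os.environ["GITLAB_ADMIN_TOKEN"]   # hypothetical; admin personal access token
    current = fetch_settings(base_url, token)["import_sources"]
    if "github" not in current:
        print("GitHub import already disabled:", current)
        return
    request = build_settings_request(base_url, token, current)
    with urllib.request.urlopen(request, timeout=30) as response:
        updated = json.load(response)["import_sources"]
    print("import_sources now:", updated)


if __name__ == "__main__":
    main()
```

Reading the current list first and removing only `github` preserves whatever other importers the administrators have enabled; re-enable it with the same call once the instance runs a fixed version.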

Find Vulnerable GitLab Installs

To help you mitigate the risk of this vulnerability as soon as possible, we've created a report that lists all GitLab installations on Linux together with details such as version, description and install date, so you know where your GitLab installations are and which version each one is running.
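To turn the affected ranges from the advisory into a check you can run over an inventory export, here is an added example (my code, not Lansweeper's report): it parses GitLab version strings as the package reports them (for example `15.2.2-ee`), flags the ones inside the affected ranges and names the fixed release of the same branch (or the lowest fixed release, 15.1.5, for branches older than 15.1). The inventory lines are constructed sample data, and releases newer than 15.3.1 are assumed unaffected because they shipped after the fix.

```python
import re

FIRST_AFFECTED = (11, 3, 4)
# Fixed release per affected branch; earlier branches have no fix in-branch.
FIXED_IN = {(15, 1): (15, 1, 5), (15, 2): (15, 2, 3), (15, 3): (15, 3, 1)}

# Constructed sample inventory: hostname and the GitLab version string as
# reported by the installed package (the "-ee"/"-ce" suffix is common).
SAMPLE_INVENTORY = """\
git-prod-01  15.2.2-ee
git-prod-02  15.3.1-ee
git-dev-01   14.10.5-ce
git-legacy   11.3.3-ce
git-staging  15.1.5-ee
"""


def parse_version(text):
    """Return (major, minor, patch) from strings such as '15.2.2-ee'."""
    match = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_vulnerable(version):
    """Apply the CVE-2022-2884 affected ranges to one version string."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return False                  # below the advisory's lower bound
    if v < FIXED_IN[(15, 1)]:
        return True                   # everything from 11.3.4 up to 15.1.4
    fixed = FIXED_IN.get(v[:2])
    if fixed is not None:
        return v < fixed              # 15.2.x / 15.3.x before their fixed patch
    return False                      # 15.4 and later shipped after the fix (assumption)


def recommended_fix(version):
    """Fixed release of the same branch, else the lowest fixed release."""
    v = parse_version(version)
    fixed = FIXED_IN.get(v[:2], FIXED_IN[(15, 1)])
    return ".".join(str(part) for part in fixed)


def triage(inventory_text):
    """Return (host, version, upgrade_to) for every vulnerable inventory line."""
    findings = []
    for line in inventory_text.splitlines():
        if not line.strip():
            continue
        host, version = line.split()
        if is_vulnerable(version):
            findings.append((host, version, recommended_fix(version)))
    return findings


if __name__ == "__main__":
    for host, version, upgrade_to in triage(SAMPLE_INVENTORY):
        print(f"{host}: {version} is affected, update to {upgrade_to}")
```

Comparing version tuples rather than strings avoids the classic mistake of ranking `15.10.x` below `15.2.x`; the parser raises on anything it cannot read so that an unparseable version is investigated rather than silently treated as safe.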
