URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite

GitLab, the web-based DevOps lifecycle tool, has yet again had to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE). The flaw could be exploited to write arbitrary files during the creation of a workspace. The vulnerability, registered as CVE-2024-0402, has received a CVSS score of 9.9 out of a maximum of 10, denoting its severity. The issue affects all versions of GitLab CE/EE from 16.0 prior to the fixed releases, and users are urged to upgrade their systems to mitigate this security risk.

Published: Tue, 30 Jan 2024 21:48:00 +0530