Vulnerability in GitLab allowing access to Runner registration tokens

The corrective releases 14.8.2, 14.7.4 and 14.6.5 of GitLab, the platform for organizing collaborative development, eliminate a critical vulnerability (CVE-2022-0735) that allows an unauthorized user to extract the registration tokens of GitLab Runner, the component used to run project build jobs in the continuous integration system. Details have not yet been disclosed; it is only mentioned that the problem is caused by an information leak when using Quick Actions.

The problem was identified by GitLab employees and affects versions 12.10 through 14.6.5, 14.7 through 14.7.4, and 14.8 through 14.8.2.
Users who maintain their own GitLab installations are advised to install the update or apply the patch. The problem is fixed by restricting access to Quick Actions commands to users with the appropriate authority. After the update or the individual patches are installed, the Runner registration tokens previously created for groups and projects will be reset.

In addition to the critical vulnerability, the new versions also eliminate six less dangerous vulnerabilities, which could allow an unprivileged user to add other users to groups, mislead users by manipulating the contents of snippets, leak environment variables through the sendmail delivery method, determine the existence of users through the GraphQL API, leak a password when mirroring a repository over SSH in pull mode, and carry out a DoS attack through the comment submission system.

Source: media reports.