
Critical GitLab Flaw Earns Bounty Hunter $20K
2020-04-29 16:39

A critical GitLab vulnerability, which could be leveraged by a remote attacker to execute code, recently netted a researcher a $20,000 bug-bounty award.

The flaw was reported to GitLab by software developer William Bowling via the HackerOne bug bounty platform on March 23.

A path traversal is a web security flaw that allows an attacker to read arbitrary files on the server that is running an application.

Specifically, the flaw exists in the UploadsRewriter function of GitLab, which is used to duplicate files.

Once the arbitrary file read flaw is exploited, he said, it can be used to grab the secret key base from the /opt/gitlab/embedded/service/gitlab-rails/config/secrets.
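As an added, defender-side illustration (not code from GitLab or from the article), the check below shows how an uploads rewriter can resolve a user-controlled relative path and refuse anything that would escape its root directory; UPLOADS_ROOT and the sample paths are constructed for this example.

```ruby
# Root directory under which rewritten upload paths must stay.
# Hypothetical location, constructed for this example (not GitLab's real layout).
UPLOADS_ROOT = "/var/opt/example/uploads"

# Resolve a user-supplied relative path against UPLOADS_ROOT and return the
# absolute path only if it stays inside the root; return nil otherwise.
# File.expand_path collapses "." and ".." segments without touching the disk,
# so the check also works for directories that do not exist yet.
def safe_upload_path(relative_path, root = UPLOADS_ROOT)
  return nil if relative_path.nil? || relative_path.empty?
  # Reject absolute paths, home-directory expansion ("~") and embedded NUL bytes.
  return nil if relative_path.start_with?("/", "~") || relative_path.include?("\0")

  root_abs = File.expand_path(root)
  candidate = File.expand_path(relative_path, root_abs)

  # The candidate must be the root itself or a descendant; comparing with a
  # trailing separator stops "/var/opt/example/uploads-evil" from matching.
  return nil unless candidate == root_abs || candidate.start_with?(root_abs + File::SEPARATOR)
  candidate
end

# Constructed sample inputs: the first two are what a rewriter should accept,
# the remaining ones are the shapes a traversal attempt takes and must be rejected.
SAMPLE_PATHS = {
  "abc123/image.png"                    => true,
  "project/docs/./readme.md"            => true,
  "../../../etc/passwd"                 => false,
  "abc123/../../config/app_secrets.yml" => false,
  "/etc/passwd"                         => false,
  "~/.ssh/id_rsa"                       => false,
  "abc123/file.png\0.txt"               => false,
}

# Returns the sample paths whose acceptance differs from the expectation (empty when all pass).
def mismatches(samples = SAMPLE_PATHS)
  samples.reject { |path, expected| !safe_upload_path(path).nil? == expected }.keys
end

if __FILE__ == $0
  SAMPLE_PATHS.each_key do |path|
    puts "#{path.inspect} -> #{safe_upload_path(path).inspect}"
  end
end
```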


News URL

https://threatpost.com/critical-gitlab-flaw-bounty-20k/155295/

Related vendor

VENDOR   LAST 12M #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Gitlab   10                    47    706      231    57         1041