Security News > 2023 > May > GitLab 'strongly recommends' patching max severity flaw ASAP

GitLab 'strongly recommends' patching max severity flaw ASAP
2023-05-24 19:25

GitLab has released an emergency security update, version 16.0.1, to address a maximum severity path traversal flaw tracked as CVE-2023-2825.

GitLab is a web-based Git repository for developer teams that need to manage their code remotely and has approximately 30 million registered users and one million paying customers.

Instead, GitLab highlighted the importance of applying the latest security update without delay.

"We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible," reads GitLab's security bulletin.

All users of GitLab 16.0.0 are recommended to update to version 16.0.1 as soon as possible to mitigate the risk.

To update your GitLab installation, follow the instructions on the project's update page.


News URL

https://www.bleepingcomputer.com/news/security/gitlab-strongly-recommends-patching-max-severity-flaw-asap/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-2825 Path Traversal vulnerability in Gitlab 16.0.0
An issue has been discovered in GitLab CE/EE affecting only version 16.0.0.
network
low complexity
gitlab CWE-22
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Gitlab 10 88 762 105 12 967