
CVE-2022-2428 : Security Advisory and Response

CVE-2022-2428 affects GitLab EE/CE and allows an attacker to issue unauthorized HTTP requests through the Jupyter Notebook viewer. Learn about the vulnerability, its impact, and the mitigation steps.

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE allows an attacker to issue arbitrary HTTP requests in versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2.

Understanding CVE-2022-2428

CVE-2022-2428 affects GitLab's Jupyter Notebook viewer and can let an attacker cause unauthorized HTTP requests to be issued.

What is CVE-2022-2428?

CVE-2022-2428 is a vulnerability in GitLab EE/CE that is triggered by a crafted tag in the Jupyter Notebook viewer, permitting a malicious actor to issue arbitrary HTTP requests.

The Impact of CVE-2022-2428

The vulnerability is rated HIGH for both confidentiality and integrity impact, with a base score of 6.4, which falls in the MEDIUM severity range.

Technical Details of CVE-2022-2428

The following sections cover the technical aspects of the CVE.

Vulnerability Description

The issue stems from improper handling of tags when the Jupyter Notebook viewer renders a notebook, which allows unauthorized HTTP requests to be issued.

Affected Systems and Versions

GitLab versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 are susceptible to this vulnerability.

Exploitation Mechanism

Exploitation relies on a crafted tag in a notebook rendered by the Jupyter Notebook viewer, which causes unauthorized HTTP requests to be issued.

Mitigation and Prevention

Protecting your systems from CVE-2022-2428 requires both immediate action and long-term security practices.

Immediate Steps to Take

Update GitLab EE/CE to version 15.1.6, 15.2.4, or 15.3.2 (or newer) for the release branch in use.
Monitor network activity for suspicious HTTP requests.
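To tell whether an instance still falls inside the affected ranges above, the following added example (not part of the original advisory or of GitLab's own code) parses a GitLab version string, including the `-ee`/`-ce` suffix, and compares it against the fixed releases named in this advisory. It assumes that a version at or above the fix on its branch is not affected, and that the version comes from the JSON body of GitLab's `GET /api/v4/version` endpoint; the sample payload is constructed.

```python
import re
from typing import Optional, Tuple

# Fixed releases named in the advisory: the first safe version on each branch.
# Assumption: a version at or above the fix on its branch is not affected.
FIXED_RELEASES = ((15, 1, 6), (15, 2, 4), (15, 3, 2))

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract MAJOR.MINOR.PATCH from strings such as '15.3.1-ee' or '15.2.4'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version lies in an affected range: anything before 15.1.6,
    the 15.2 branch before 15.2.4, or the 15.3 branch before 15.3.2."""
    v = parse_version(version)
    if v < FIXED_RELEASES[0]:
        return True
    for fix in FIXED_RELEASES[1:]:
        if v[:2] == fix[:2] and v < fix:
            return True
    return False


def recommended_update(version: str) -> Optional[str]:
    """Name the fixed release a vulnerable instance should move to, or None."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    for fix in FIXED_RELEASES:
        if v[:2] == fix[:2]:
            return ".".join(str(n) for n in fix)
    # Branches older than 15.1 have no fix of their own; 15.1.6 is the oldest patched release.
    return "15.1.6"


def check_instance(version_payload: dict) -> dict:
    """Evaluate the JSON body of GET /api/v4/version (a real call needs an access token)."""
    version = version_payload["version"]
    return {"version": version, "affected": is_affected(version),
            "update_to": recommended_update(version)}


if __name__ == "__main__":
    sample = {"version": "15.3.1-ee"}  # constructed sample response body
    print(check_instance(sample))
```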

Long-Term Security Practices

Conduct regular security audits and vulnerability assessments.
Educate users on recognizing and reporting suspicious activities.

Patching and Updates

Stay informed about security patches and updates issued by GitLab to address CVE-2022-2428.
