The GitLab CE and EE have two security issues in Git. One of them is CVE-2022-41903, which is an integer overflow in the ‘git-log’ and ‘git-archive’ commands that can result in arbitrary heap writes and remote code execution. Additionally, there is another security issue named CVE-2022-23521, which is an integer overflow in ‘.gitattributes’ that can result in arbitrary heap reads and writes, and remote code execution.
Get through updates and upcoming events, and more directly in your inbox