CVE-2022-31267: Unescaped control characters in Gitblit

May 22, 2022 (updated May 25, 2022)

Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.com\n\trole = “#admin”’ value.

References

github.com/advisories/GHSA-fh55-vwjc-69c7
github.com/gitblit/gitblit/commit/9b4afad6f4be212474809533ec2c280cce86501a
github.com/gitblit/gitblit/issues/1410
github.com/gitblit/gitblit/releases/tag/v1.9.3
nvd.nist.gov/vuln/detail/CVE-2022-31267

Detect and mitigate CVE-2022-31267 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →