CVE-2024-0231 in Community Edition
Summary
by MITRE • 07/25/2024
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 08/18/2025
The resource misdirection vulnerability identified as CVE-2024-0231 represents a significant security flaw within GitLab CE/EE platforms that affects multiple version ranges including versions prior to 17.0.5, 17.1.3, and 17.2.1. This vulnerability specifically targets the repository import functionality and enables malicious actors to manipulate commit references during the import process. The flaw operates by allowing attackers to craft specially designed repositories that can redirect or misdirect commit history, potentially leading to incorrect attribution of code changes and compromising the integrity of version control systems.
The technical implementation of this vulnerability stems from insufficient validation and sanitization of commit references during repository import operations. When GitLab processes imported repositories, it fails to properly verify the authenticity and correct mapping of commit identifiers, enabling attackers to inject malicious commit data that appears legitimate within the target repository's history. This misdirection can occur through various mechanisms including manipulation of commit hashes, author information, or timestamp data that gets imported into the system. The vulnerability is classified under CWE-200, which deals with Information Exposure, and specifically relates to improper handling of resource identifiers in version control systems.
The operational impact of CVE-2024-0231 extends beyond simple data corruption, as it can enable sophisticated attacks targeting code integrity and audit trails. Attackers can exploit this vulnerability to create false commit histories that may obscure malicious code changes or redirect blame for modifications to different authors. This capability undermines the fundamental trust in version control systems and can compromise security audits, code reviews, and compliance requirements. The vulnerability particularly affects organizations that rely heavily on repository imports and automated integration processes, as it can go undetected for extended periods while malicious commits are silently integrated into the codebase.
Organizations should implement immediate mitigations including upgrading to patched versions of GitLab CE/EE, specifically versions 17.0.5, 17.1.3, and 17.2.1 respectively. Additional protective measures involve implementing strict repository import policies, conducting thorough verification of imported repositories, and establishing monitoring procedures for anomalous commit patterns. The vulnerability aligns with ATT&CK technique T1550.001, which covers use of valid credentials, as attackers may leverage this flaw to manipulate commit references and potentially gain unauthorized access to repository data. Security teams should also consider implementing automated scanning tools that can detect malformed commit histories and establish robust backup procedures to ensure repository integrity. Organizations utilizing GitLab's import functionality should conduct comprehensive security assessments of their existing repositories to identify any potential compromise from this vulnerability.