GitLab has issued a stern advisory, stating, “We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible.”
Interestingly, this vulnerability has its roots in a prior security flaw that was seemingly not fully resolved. The previous month, a vulnerability tracked as CVE-2023-3932 was discovered and patched, initially classified as a medium-severity issue. However, security researcher Johan Carlsson identified a way to circumvent the previous fix and determined that the new vulnerability carries a higher severity score, hence the rating of 9.6.