CVE-2024-10383
📋 TL;DR
This vulnerability allows cross-site scripting (XSS) attacks when loading .ipynb files in GitLab's web IDE. Attackers can execute arbitrary JavaScript in the context of the victim's session, potentially stealing credentials or performing unauthorized actions. All GitLab CE/EE instances using the vulnerable gitlab-web-ide-vscode-fork component are affected.
💻 Affected Systems
- GitLab Community Edition
- GitLab Enterprise Edition
📦 What is this software?
Gitlab by Gitlab
GitLab is a complete DevOps platform providing source code management, CI/CD pipelines, security scanning, container registry, and collaboration tools used by millions of developers and thousands of enterprises worldwide. As both a cloud-hosted SaaS offering (GitLab.com) and self-managed software, G...
Learn more about Gitlab →
⚠️ Risk & Real-World Impact
Worst Case
Complete account takeover, data exfiltration, or lateral movement within the GitLab instance if an authenticated user loads a malicious .ipynb file.
Likely Case
Session hijacking, credential theft, or unauthorized actions performed in the victim's GitLab session.
If Mitigated
Limited impact if proper content security policies and input validation are in place, though XSS could still bypass some controls.
🎯 Exploit Status
Exploitation requires an authenticated user to load a malicious .ipynb file in the web IDE. Attack complexity is medium due to the need for user interaction.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: GitLab 17.3 or later, and ensure gitlab-web-ide-vscode-fork component version 1.89.1-1.0.0-dev-20241118094343 or later
Vendor Advisory: https://gitlab.com/gitlab-org/gitlab/-/issues/500785
Restart Required: No
Instructions:
1. Upgrade GitLab to version 17.3 or later.
2. For versions 17.4-17.6, ensure the gitlab-web-ide-vscode-fork component is updated to 1.89.1-1.0.0-dev-20241118094343 or later via CDN.
🔧 Temporary Workarounds
Disable Web IDE
Temporarily disable the web IDE feature to prevent exploitation
In GitLab admin area: Settings > General > Visibility and access controls > Disable 'Web IDE'
Restrict .ipynb file uploads
Block or restrict .ipynb file uploads in GitLab projects
Configure project settings to restrict file types or use GitLab CI/CD to scan for .ipynb files
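A CI-side scanner for the second workaround, added here as an example and not GitLab's own code: it walks a checkout for .ipynb files and flags markdown cells carrying script or event-handler markup, plus outputs whose MIME type a notebook renderer treats as live markup. The MIME set, the regex and the two sample notebooks are assumptions constructed for the example; what it flags is a general property of the notebook format, not the specific vector of this CVE.

```python
"""Scan .ipynb files for content that a notebook renderer treats as active markup."""
import json
import re
from pathlib import Path

# MIME types that renderers inject as markup rather than escaped text (assumed set).
ACTIVE_MIME_TYPES = {"text/html", "application/javascript", "image/svg+xml"}
# Markup in markdown cells that can carry script or inline event handlers.
SCRIPT_PATTERN = re.compile(
    r"<\s*(script|iframe|object|embed)\b|\bon\w+\s*=|javascript:", re.IGNORECASE
)

def _as_text(value):
    # Notebook "source" and output "data" fields may be a string or a list of strings.
    return "".join(value) if isinstance(value, list) else str(value)

def scan_notebook(text):
    """Return a list of (cell_index, reason) findings for one notebook's JSON text."""
    try:
        nb = json.loads(text)
    except json.JSONDecodeError as exc:
        return [(-1, f"invalid notebook JSON: {exc.msg}")]
    findings = []
    for idx, cell in enumerate(nb.get("cells", [])):
        if cell.get("cell_type") == "markdown" and SCRIPT_PATTERN.search(_as_text(cell.get("source", ""))):
            findings.append((idx, "markdown cell contains script/event-handler markup"))
        for out in cell.get("outputs", []):
            for mime in sorted(ACTIVE_MIME_TYPES & set(out.get("data", {}))):
                findings.append((idx, f"output carries {mime}"))
    return findings

def scan_tree(root):
    """Scan every .ipynb under root; return {path: findings} for flagged files only."""
    flagged = {}
    for path in Path(root).rglob("*.ipynb"):
        findings = scan_notebook(path.read_text(encoding="utf-8", errors="replace"))
        if findings:
            flagged[str(path)] = findings
    return flagged

# Constructed sample notebooks (not from the advisory): one benign, one flagged twice.
BENIGN = json.dumps({"cells": [{"cell_type": "code", "source": ["print(1)"],
                                "outputs": [{"data": {"text/plain": ["1"]}}]}]})
SUSPECT = json.dumps({"cells": [
    {"cell_type": "markdown", "source": ["# Title\n", "<script src=\"https://example.invalid/x.js\"></script>"]},
    {"cell_type": "code", "source": [], "outputs": [{"data": {"text/html": ["<b>hi</b>"]}}]},
]})

if __name__ == "__main__":
    import sys
    hits = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, items in hits.items():
        for idx, reason in items:
            print(f"{path}: cell {idx}: {reason}")
    sys.exit(1 if hits else 0)  # non-zero exit fails the CI job when anything is flagged
```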
🧯 If You Can't Patch
- Implement strict Content Security Policy (CSP) headers to mitigate XSS impact
- Enable GitLab's built-in XSS protection features and input validation
🔍 How to Verify
Check if Vulnerable:
Check the GitLab version, and inspect the CDN-loaded gitlab-web-ide-vscode-fork resources to determine whether the component version is older than 1.89.1-1.0.0-dev-20241118094343
Check Version:
sudo gitlab-rake gitlab:env:info | grep 'Version:'
Verify Fix Applied:
Confirm GitLab version is 17.3+ and test loading .ipynb files in web IDE for any script execution
📡 Detection & Monitoring
Log Indicators:
- Unusual .ipynb file uploads or accesses in web IDE logs
- JavaScript execution errors or suspicious payloads in application logs
Network Indicators:
- Unexpected requests to external domains from web IDE sessions
- Anomalous patterns in CDN resource loading
SIEM Query:
source="gitlab" AND ("ipynb" OR "web-ide") AND (status=500 OR status=400)