Home / exploitsPDF  

GitLab GitHub Repo Import Deserialization Remote Code Execution

Posted on 15 February 2023

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested default_branch. GitLab will cache this object and then deserialize it when trying to load a user session, resulting in remote code execution.

 

TOP