CVE-2023-3401: 
GitLab vulnerability analysis and mitigation

An issue was discovered in GitLab affecting all versions before 16.0.8, all versions starting from 16.1 before 16.1.3, and all versions starting from 16.2 before 16.2.2. The vulnerability allows an attacker to create repositories with malicious code by exploiting specially designed repository branch names (GitLab Security, NVD).

The vulnerability stems from insufficient validation of branch names in GitLab's branch checking mechanism. The issue exists in the branch_check.rb file, where a regular expression %r{\A\h{40}(/|\z)} is used to evaluate branch name patterns. While the check prohibits branch names like 'abbebba53d99e36a1450934a8bf4352a7fecd4d8/main', attackers can bypass this restriction by adding a '-' character at the end of the hexadecimal string, resulting in 'abbebba53d99e36a1450934a8bf4352a7fecd4d8-/main'. The vulnerability has been assigned a CVSS v3.1 base score of 4.8 MEDIUM (Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N) (GitLab Issue, NVD).

When successfully exploited, this vulnerability allows attackers to create repositories containing malicious code. This could potentially lead to code execution on systems of users who clone or download these repositories (GitLab Security).

The vulnerability has been patched in GitLab versions 16.0.8, 16.1.3, and 16.2.2. Organizations are strongly recommended to upgrade to these or later versions immediately. GitLab.com has already been updated with the patched version (GitLab Security).