Islamabad, 17 May, 2025: GitLab users have been urged to take immediate security action following a cybersecurity advisory issued by the Pakistan Telecommunication Authority (PTA).

The authority has flagged serious vulnerabilities affecting both GitLab Community Edition (CE) and Enterprise Edition (EE), covering a wide range of versions released prior to GitLab 17.4.2.

Critical Bugs Could Expose Sensitive Data

The PTA’s warning follows the identification of two high-risk security flaws, CVE-2023-3441 and CVE-2024-5005, that could leave development environments vulnerable to data leaks and unauthorized changes.

The first issue, CVE-2023-3441, relates to GitLab’s insufficient alerts when users are given permission to merge code into protected branches. This shortcoming may allow unintended or malicious changes to vital project components.

The second flaw, CVE-2024-5005, poses an even greater threat by enabling authenticated users to exploit GitLab’s API and access confidential content, such as project templates.

Both vulnerabilities fall into the “high severity” category and are classified under the broader risk of information disclosure.

Experts Advise Immediate Action

Cybersecurity professionals have warned that if left unpatched, these weaknesses could be exploited by attackers, giving them access to private repositories and sensitive codebases.

This raises particular concern for GitLab users in software development, technology firms, and government sectors relying on version control systems.

In response, the PTA has strongly advised all organizations and developers to upgrade to the latest versions without delay.

The security patches resolving these issues were released by GitLab on October 9, 2024, with version 17.4.2 addressing both vulnerabilities.

Proactive Steps Are Critical

The PTA emphasized the importance of staying current with system updates and applying security fixes promptly.

It urged GitLab users to assess their installations, implement recommended patches, and follow best cybersecurity practices to avoid potential breaches.

As digital threats grow more sophisticated, timely maintenance and vigilance remain essential to protecting sensitive infrastructure and intellectual property.
