Indian Govt Warns of Critical Vulnerabilities in Google Chrome OS and GitLab

GG News Bureau
New Delhi, 3rd July. The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics & Information Technology, has issued a warning regarding multiple vulnerabilities in Google Chrome OS and GitLab. These vulnerabilities could potentially allow attackers to execute arbitrary code on targeted systems.

In Google Chrome OS, vulnerabilities affect LTS channel versions prior to 120.0.6099.315. CERT-In highlighted issues such as Heap buffer overflow in WebRTC and Use after free in Media Session, which could be exploited by attackers through specially crafted web pages.

Regarding GitLab, vulnerabilities impact GitLab Community Edition (CE) versions prior to 17.1.1, 17.0.3, and 16.11.5, as well as GitLab Enterprise Edition (EE) versions before the same releases. These vulnerabilities span various components and could enable remote attackers to execute arbitrary code, access sensitive information, conduct cross-site scripting, bypass security measures, and cause denial of service.

CERT-In strongly advises users to apply recommended security updates promptly to mitigate these risks.