
CVE-2023-4812: CWE-863: Incorrect Authorization in GitLab

Severity: High
Tags: vulnerability, CVE-2023-4812, cve, cwe-863
Published: Fri Jan 12 2024 (01/12/2024, 13:56:56 UTC)
Source: CVE
Vendor/Project: GitLab
Product: GitLab

Description

An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2. The required CODEOWNERS approval could be bypassed by adding changes to a previously approved merge request.

AI-Powered Analysis

AI analysis last updated: 07/07/2025, 11:43:29 UTC

Technical Analysis

CVE-2023-4812 is a high-severity vulnerability affecting GitLab Enterprise Edition (EE) versions from 15.3 up to but not including 16.5.6, from 16.6 up to but not including 16.6.4, and from 16.7 up to but not including 16.7.2. It is classified under CWE-863 (incorrect authorization). Specifically, the flaw allows the required CODEOWNERS approval on a merge request to be bypassed. Normally, changes to paths protected by a CODEOWNERS rule require explicit approval from the designated owners before the merge request can be merged. With this flaw, an attacker who already holds limited privileges on the project (PR:L) and can induce user interaction (UI:R) could add further changes to a merge request that had already been approved without those changes triggering a fresh CODEOWNERS approval. This undermines the integrity of the code review process, since code the owners never reviewed could be merged into protected branches. The CVSS v3.1 base score of 7.6 reflects a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), user interaction required (UI:R), and a scope change (S:C); the confidentiality impact is low, the integrity impact is high, and availability is unaffected. No exploitation in the wild is currently reported, but the nature of the flaw makes it a significant risk for organizations that rely on GitLab approval rules as a control over what reaches production branches and CI/CD pipelines.

Potential Impact

For European organizations, this vulnerability poses a substantial risk to the software development lifecycle and supply chain security. Organizations using GitLab EE for managing source code and merge requests could have their code integrity compromised if attackers exploit this flaw to bypass CODEOWNERS approval. This could lead to unauthorized code changes being merged, potentially introducing backdoors, vulnerabilities, or malicious functionality into production software. The impact is particularly critical for sectors with stringent regulatory requirements such as finance, healthcare, and critical infrastructure, where software integrity is paramount. Additionally, organizations with distributed development teams relying heavily on automated approval workflows are at risk of undetected unauthorized changes. The vulnerability could also undermine trust in internal security controls and increase the risk of insider threats or external attackers escalating privileges within development environments.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should promptly upgrade affected GitLab EE instances to 16.5.6, 16.6.4, or 16.7.2 or later, as applicable to the release line in use. Until patches are applied, organizations should closely monitor merge request activity, especially commits pushed after an approval was granted. Enforce additional manual review for any amendments to approved merge requests, and consider temporarily disabling automatic merging for critical branches. Implement logging and alerting on merge request approvals and post-approval changes so that suspicious activity is detected. Restrict write access to trusted users and review project permissions regularly to limit the scope for privilege abuse. Additionally, audit the CODEOWNERS configuration to ensure it matches security policy, and consider integrating external code review tooling that independently enforces approvals. Finally, make development teams aware of this vulnerability so that reviewers pay attention to changes that arrive after they have approved.
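The recommendation above to alert on changes pushed after an approval can be turned into a simple check. The following is an added example, not code from the advisory or from GitLab: it runs a detector over a constructed, in-memory list of merge request events (approvals and pushes with timestamps and touched paths) against a simplified CODEOWNERS rule list, and flags any owned path whose owners have no approval dated after the push that touched it. The data classes, field names and the prefix-based owner matching are assumptions for the illustration; a real deployment would populate them from GitLab's merge request commits, approvals and system notes.

```python
"""Flag merge requests where owned paths changed after the last owner approval.

Added example (not part of the advisory or of GitLab). Input is a constructed
in-memory event list; field names and the prefix-based CODEOWNERS matching
are assumptions for illustration.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class Approval:
    user: str       # approving user
    at: datetime    # when the approval was recorded


@dataclass
class Push:
    sha: str
    pusher: str
    at: datetime
    paths: list[str]   # files touched by the pushed commits


@dataclass
class MergeRequest:
    iid: int
    approvals: list[Approval] = field(default_factory=list)
    pushes: list[Push] = field(default_factory=list)


# Simplified CODEOWNERS: (path prefix, owners); last matching rule wins.
RULES: list[tuple[str, set[str]]] = [("", {"alice"}), ("auth/", {"bob"})]


def codeowners_for(path: str, rules: list[tuple[str, set[str]]]) -> set[str]:
    """Return the owner set for *path*; empty set means the path is unowned."""
    owners: set[str] = set()
    for prefix, rule_owners in rules:
        if path.startswith(prefix):
            owners = rule_owners
    return owners


def stale_approvals(mr: MergeRequest, rules=RULES) -> list[dict]:
    """One finding per (push, owned path) with no owner approval dated after the push."""
    findings = []
    for push in mr.pushes:
        for path in push.paths:
            owners = codeowners_for(path, rules)
            if not owners:
                continue  # unowned path: no CODEOWNERS approval required
            reapproved = any(a.user in owners and a.at > push.at for a in mr.approvals)
            if not reapproved:
                findings.append({"iid": mr.iid, "sha": push.sha,
                                 "path": path, "owners": sorted(owners)})
    return findings


def scan(mrs: list[MergeRequest], rules=RULES) -> dict[int, list[dict]]:
    """Run the check over many merge requests; empty list means clean."""
    return {mr.iid: stale_approvals(mr, rules) for mr in mrs}


def t(hour: int, minute: int = 0) -> datetime:
    return datetime(2024, 1, 12, hour, minute, tzinfo=timezone.utc)


def build_sample() -> list[MergeRequest]:
    """Constructed sample: MR 42 gains an auth/ change after bob approved and is
    never re-approved; MR 43 gets the same late change but bob approves again."""
    mr42 = MergeRequest(
        iid=42,
        pushes=[Push("c0ffee1", "dev", t(9), ["auth/login.py", "docs/README.md"]),
                Push("c0ffee2", "dev", t(11), ["auth/token.py"])],
        approvals=[Approval("bob", t(10)), Approval("alice", t(10, 5))])
    mr43 = MergeRequest(
        iid=43,
        pushes=[Push("deadbe1", "dev", t(9), ["auth/login.py"]),
                Push("deadbe2", "dev", t(11), ["auth/token.py"])],
        approvals=[Approval("bob", t(10)), Approval("bob", t(12))])
    return [mr42, mr43]


if __name__ == "__main__":
    for iid, findings in scan(build_sample()).items():
        state = "OK" if not findings else "STALE APPROVAL"
        print(f"MR !{iid}: {state}")
        for f in findings:
            print(f"  {f['sha']} touched {f['path']} (owners {f['owners']}) after last approval")
```

The check is deliberately conservative: any owned path changed after the latest approval by one of its owners is reported, so a legitimate late fix that was re-approved clears itself (MR 43), while a change that slipped in after approval stays flagged (MR 42). Wire the same logic to merge request events and it becomes an alert, independent of whether the server-side approval reset behaves correctly.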


Technical Details

Data Version: 5.1
Assigner Short Name: GitLab
Date Reserved: 2023-09-06T19:01:03.223Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682ea68a0acd01a249253f9e

Added to database: 5/22/2025, 4:22:34 AM

Last enriched: 7/7/2025, 11:43:29 AM

Last updated: 7/30/2025, 7:59:44 AM
