GitLab Ships Update for Critical Pipeline Execution Vulnerability

July 11, 2024 at 10:48AM

GitLab has released security updates to address six vulnerabilities in GitLab CE and EE, including a critical-severity bug (CVE-2024-6385) allowing an attacker to trigger a pipeline as another user. The updates also address a medium-severity bug and four low-severity flaws. Users are advised to update their instances promptly due to …

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

July 11, 2024 at 12:12AM

GitLab has released updates to address security flaws in its platform, including a critical bug (CVE-2024-6385) allowing an attacker to run pipeline jobs as another user. GitLab also fixed a medium-severity issue (CVE-2024-5257) and has released patches for the vulnerabilities. Additionally, CISA and FBI issued a bulletin urging technology manufacturers …

GitLab: Critical bug lets attackers run pipelines as other users

July 10, 2024 at 04:08PM

GitLab addressed a critical vulnerability that allowed attackers to run pipeline jobs as other users in its Community and Enterprise editions. This flaw (CVE-2024-6385) had a severity rating of 9.6/10 and affected versions 15.8 to 17.1.2, impacting over 30 million users, including Fortune 100 companies. GitLab released updates and urged …