URL has been copied successfully!
New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution – Information is key, but action opens the lock
URL has been copied successfully!

Information is key, but action opens the lock

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

by

Andy Stern
in

Tags: , , , , ,

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches.Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10.”An issue was discovered in GitLab EE

First seen on thehackernews.com

Jump to article: thehackernews.com/2024/10/new-critical-gitlab-vulnerability-could.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
  2. Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
  3. GitLab Urges Organization to Patch for Authentication Bypass Vulnerability
  4. Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch