This critical GitLab flaw allows attackers to run pipeline jobs as other users - patch now

from ITPro 8 months ago

CVE-2024-6385 allows unauthorized access, code manipulation, and data exfiltration, posing severe risks such as supply chain compromise and data breaches.
ITProhttps://www.itpro.com/security/this-critical-gitlab-flaw-allows-attackers-to-run-pipeline-jobs-as-other-users-patch-now

GitLab advises updating to versions 16.11.6, 17.0.4, or 17.1.2 immediately to address the critical vulnerability affecting GitLab CE/EE versions 15.8 to 17.1.
ITProhttps://www.itpro.com/security/this-critical-gitlab-flaw-allows-attackers-to-run-pipeline-jobs-as-other-users-patch-now

Read at ITPro

#gitlab #vulnerability #cybersecurity #patch #devsecops

Collection

[

...

]

This critical GitLab flaw allows attackers to run pipeline jobs as other users - patch nowThis critical GitLab flaw allows attackers to run pipeline jobs as other users - patch now Briefly

This critical GitLab flaw allows attackers to run pipeline jobs as other users - patch now
This critical GitLab flaw allows attackers to run pipeline jobs as other users - patch now
Briefly