"GitLab Ships Update for Critical Pipeline Execution Vulnerability"

GitLab has made security updates that address six vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE), including a critical-severity bug. The bug tracked as CVE-2024-6385, with a CVSS score of 9.6, allows an attacker to trigger a pipeline as another user. Contrast Security CISO David Lindner warns that the exploitation of the bug could enable attackers to run malicious code, access sensitive data, and compromise software integrity. This article continues to discuss the critical-severity vulnerability that an attacker can exploit to trigger a pipeline as another user.

SecurityWeek reports "GitLab Ships Update for Critical Pipeline Execution Vulnerability"

Submitted by grigby1

Submitted by Gregory Rigby on