Critical GitLab Bug Lets Attackers Run Pipelines as Other Users

Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw
CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog
Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence

Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw
CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog
Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence

_ 12 July 2024_ _ 0 Comments

Critical GitLab Bug Lets Attackers Run Pipelines as Other Users

The vulnerability impacts all GitLab CE/EE versions from 15.8 to 16.11.6, 17.0 to 17.0.4, and 17.1 to 17.1.2. Under certain circumstances that GitLab has yet to disclose, attackers can exploit it to trigger a new pipeline as an arbitrary user.

Author

The best date for you ?

What time works?

The best date for you ?

What time works?

Critical GitLab Bug Lets Attackers Run Pipelines as Other Users

Book a DEMO / POV

The best date for you ?

What time works?

Book a DEMO / POV

The best date for you ?

What time works?

Russian Researchers Identify Alleged Ukrainian Developer of Malicious Remote Access Tool

Risk Escalates as Communication Channels Proliferate