News

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
GitLab addressed arbitrary pipeline execution vulnerabilities multiple times this year, including CVE-2024-6678 last month, CVE-2024-6385 in July, and CVE-2024-5655 in June, all rated critical.
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln. The bug (CVE-2024-6385) is similar — but not ...
GitLab integration allows embedded software teams to identify security issues found by the LDRA tool suite without having to leave their familiar cloud-native automation pipeline. As part of a ...
After checking the pipeline file into the application's repository, the job moves into the queue. As soon as a GitLab runner is available, the defined steps run sequentially.
A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...