Developers can trigger the automated workflow via code commits, merge requests or scheduled jobs. The vulnerability, identified as CVE-2024-6385, gives attackers a way to run a pipeline in the ...