September 21, 2023
GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user.
The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.
“It was possible for an attacker to run pipelines as an arbitrary user via scheduled
The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.
“It was possible for an attacker to run pipelines as an arbitrary user via scheduled
Article posted by: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
