New GitLab Vulnerability Enables Unauthorized Pipeline Execution
GitLab recently released a security advisory warning of a critical vulnerability
impacting its GitLab Community and Enterprise editions that would let threat
actors run unauthorized pipeline jobs.
The flaw, tracked as CVE-2024-6385
[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6385], has a CVSS
severity score of 9.6 out of 10 and was flagged as critical. It affects all
GitLab Community and Enterprise versions 15.8 through 16.11.6, 17.0 to 17.0.4,
and 17.1 to 17.1.2.
Vulnerability Le