GitLab Releases Urgent Security Patches for Critical Vulnerability

2023-09-20 07:18

GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4. "It was possible for an attacker to run pipelines as an arbitrary user via scheduled

News URL

https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html

#critical #gitlab #security #vulnerability #CVE-2023-5009

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-19	CVE-2023-5009	Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. network low complexity gitlab critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Gitlab		10	88	753	103	12	956

News URL

Related news

Related Vulnerability

Related vendor