Lucene search
HiveForce LabsHIVEPRO:546096ACCD06E6E1CD018F545F19D7A4HistorySep 22, 2023 - 5:19 a.m.
GitLab Releases Critical Patch to Address Pipeline Execution Vulnerability
2023-09-2205:19:08
HiveForce Labs
www.hivepro.com
19
gitlab
critical patch
pipeline execution vulnerability
cve-2023-5009
unauthorized access
bypass
threat advisory
hiveforce labs
linkedin
0.001 Low
EPSS
Percentile
47.7%
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The critical security vulnerability CVE-2023-5009 affects all versions of GitLab Enterprise Edition (EE). This vulnerability is significant as it enables an attacker to execute pipelines as another user, potentially leading to unauthorized access and misuse of the GitLab environment. This vulnerability represents a bypass of CVE-2023-3932. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
debiancve
debiancve
CVE-2023-5009
2023-09-19 08:16:07
CVE-2023-3932
2023-08-03 05:15:10
osv
osv
BIT-gitlab-2023-5009
2024-03-06 10:57:56
CVE-2023-5009
2023-09-19 08:16:07
BIT-gitlab-2023-3932
2024-03-06 11:01:54
prion
prion
Design/Logic Flaw
2023-09-19 08:16:00
Design/Logic Flaw
2023-08-03 05:15:00
nessus
nessus
GitLab 13.12 < 16.2.7 / 16.3 < 16.3.4 (CVE-2023-5009)
2023-09-19 00:00:00
GitLab 13.12 < 16.0.8 / 16.1.0 < 16.1.3 / 16.2.0 < 16.2.2 (CVE-2023-3932)
2024-01-02 00:00:00
FreeBSD : Gitlab -- vulnerability (32a4896a-56da-11ee-9186-001b217b3468)
2023-09-19 00:00:00
cve
cve
CVE-2023-5009
2023-09-19 08:16:07
CVE-2023-3932
2023-08-03 05:15:10
cvelist
cvelist
CVE-2023-5009 Improper Access Control in GitLab
2023-09-19 07:01:14
CVE-2023-3932 Missing Authorization in GitLab
2023-08-03 04:01:58
nvd
nvd
CVE-2023-5009
2023-09-19 08:16:07
CVE-2023-3932
2023-08-03 05:15:10
thn
thn
GitLab Releases Urgent Security Patches for Critical Vulnerability
2023-09-20 07:18:00
redhatcve
redhatcve
CVE-2023-3932
2023-10-09 17:57:15