The vulnerability of the Git-based software platform for collaborative code development on GitLab allows a hacker to replace the code in imported CI/CD pipelines.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to replace the code in imported CI/CD pipelines...

PT-2024-5975 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.0 through 17.0.4 GitLab CE/EE versions 17.1 through 17.1.2 GitLab CE/EE versions 17.2 through 17.2.0 Description: A resource misdirection vulnerability in GitLab allows an attacker to craft a repository import in such...