Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-5655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1...

9.6CVSS6.1AI score0.07468EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/07/11 3:51 a.m.67 views

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10....

9.8CVSS8.4AI score0.21331EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/06/28 2:18 p.m.67 views

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment CI/CD pipelines as any user. The weaknesses, which affect GitLab Community Edition CE and Enterprise Edition EE,...

9.6CVSS7.3AI score0.32784EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/06/27 12:0 a.m.32 views

GitLab 15.8 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-5655)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker...

9.6CVSS6.1AI score0.07468EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/26 11:30 p.m.30 views

CVE-2024-5655 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.6CVSS9AI score0.07468EPSS
Exploits0References2
CVE
CVE
added 2024/06/26 11:30 p.m.173 views

CVE-2024-5655

GitLab CVE-2024-5655 affects GitLab CE/EE versions: 15.8–16.11.4, 17.0–17.0.2, and 17.1–17.1.0 (all builds before fixed releases). The issue allows an attacker to trigger a pipeline as another user under certain circumstances (improper access control). Remediation per sources: update to GitLab 16...

9.6CVSS8.9AI score0.07468EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/26 11:30 p.m.148 views

CVE-2024-5655 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.6CVSS0.07468EPSS
Exploits0References2
Rows per page
Query Builder