Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:1 a.m.6 views

CVE-2024-6385

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.8CVSS6.7AI score0.06036EPSS
Exploits0References1
OSV
OSV
added 2024/07/11 7:15 a.m.2 views

UBUNTU-CVE-2024-6385

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.8CVSS5.8AI score0.06036EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/11 6:56 a.m.35 views

CVE-2024-6385 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.6CVSS6.4AI score0.06036EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/11 6:56 a.m.43 views

CVE-2024-6385 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.6CVSS0.06036EPSS
Exploits0References2
OSV
OSV
added 2024/07/11 6:56 a.m.28 views

CVE-2024-6385 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

9.6CVSS9.2AI score0.06036EPSS
Exploits0References5
Circl
Circl
added 2024/07/11 4:0 a.m.11 views

CVE-2024-6385

creationtimestamp| type| source ---|---|--- 2024-07-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1328 2024-07-11 05:53:00+00:00| seen| https://t.me/thehackernews/5237 2024-07-11 08:12:49+00:00| seen| Telegram/IXERdzpVSWu5bnInNI0qNqftyB-hdr7QFOTXYQgmSeJcsw 2024-07-11...

9.8CVSS7.1AI score0.06036EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2024/07/11 3:51 a.m.67 views

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10....

9.8CVSS8.4AI score0.21331EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/11 12:0 a.m.42 views

GitLab 15.8 < 16.11.6 / 17.0 < 17.0.4 / 17.1 < 17.1.2 (CVE-2024-6385)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker...

9.8CVSS6.1AI score0.06036EPSS
Exploits0References4
Rows per page
Query Builder