Lucene search
K

6 matches found

UbuntuCve
UbuntuCve
added 2024/09/12 7:15 p.m.15 views

CVE-2024-6678

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances...

9.9CVSS7.4AI score0.01989EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/09/12 6:26 p.m.31 views

CVE-2024-6678 Authentication Bypass by Spoofing in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances...

9.9CVSS6.7AI score0.01989EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/09/12 6:26 p.m.47 views

CVE-2024-6678 Authentication Bypass by Spoofing in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances...

9.9CVSS0.01989EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2024/09/12 3:55 p.m.67 views

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user. The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0 "An issue was discovered in...

10CVSS7AI score0.94955EPSS
Exploits17
Circl
Circl
added 2024/09/12 10:8 a.m.10 views

CVE-2024-6678

creationtimestamp| type| source ---|---|--- 2024-09-12 10:08:54+00:00| seen| https://t.me/HackingInsights/12852 2024-09-12 15:18:20+00:00| seen| https://t.me/BleepingComputer/20662 2024-09-12 18:47:39+00:00| seen| https://t.me/thehackernews/5573 2024-09-12 18:59:10+00:00| seen|...

9.9CVSS7.5AI score0.01989EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.35 views

GitLab 8.14 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-6678)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

9.9CVSS8.7AI score0.01989EPSS
Exploits1References4
Rows per page
Query Builder