8 matches found
CVE-2024-8402
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to...
BIT-GITLAB-2024-8402 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to...
CVE-2024-8402 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to...
CVE-2024-8402 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to...
CVE-2024-8402
CVE-2024-8402 affects GitLab EE/CE, with input validation in the Google Cloud IAM integration allowing a Maintainer to inject malicious code in versions: 17.2–17.7.7, 17.8–17.8.5, and 17.9–17.9.2. Affected product: GitLab EE (and CE per sources) before the fixed releases. Root cause: input valida...
Behind the Scenes: The Art of Safeguarding Non-Human Identities
In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines ar...
Product Walkthrough: Silverfort's Unified Identity Protection Platform
In this article, we will provide a brief overview of Silverfort's platform, the first and currently only unified identity protection platform on the market. Silverfort's patented technology aims to protect organizations from identity-based attacks by integrating with existing identity and access...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.4 CNF vRAN extras security update
An update for ztp-site-generate-container, topology-aware-lifecycle-manager and bare-metal-event-relay is now available for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS...