CVE-2024-5655 - Exploiting GitLab CE/EE to Trigger Pipeline as Another User
A critical vulnerability (CVE-2024-5655) has been discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) that affects all versions starting from 15.8 prior
CVE-2024-3115: GitLab EE Vulnerability Allows Access to Issues and Epics Without SSO Session Using Duo Chat
A critical vulnerability (CVE-2024-3115) has been discovered recently in GitLab EE that could allow attackers to bypass security measures in the system and gain unauthorized
CVE-2024-4011: Critical Vulnerability in GitLab CE/EE Allows Non-Project Members to Promote Key Results to Objectives
A critical security vulnerability, identified as CVE-2024-4011, has been discovered in GitLab Community Edition (CE) and Enterprise Edition (EE). The issue affects the following versions:
CVE-2024-1816 - Denial of Service Vulnerability in GitLab CE/EE Due to a Crafted OpenAPI File
---
Introduction
In this post, we discuss a recently discovered issue in GitLab CE/EE, tracked as CVE-2024-1816. The vulnerability affects all GitLab CE/EE
CVE-2024-2191: Merge Request Title Visibility Vulnerability in GitLab CE/EE
A critical vulnerability (CVE-2024-2191) was discovered in GitLab CE/EE, affecting all versions from 16.9 to 17.1.1, which could expose merge request
Episode
00:00:00
00:00:00