Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user.
GitLab is a popular web-based open-source software project management and work tracking platform.
It has an estimated one million active license users.
The security issue addressed in the lasted update is tracked as CVE-2024-5655 and has a severity score of 9.6 out of 10.
Under certain circumstances, which the vendor did not define, an attacker could leverage it to trigger a pipeline as another user.
GitLab pipelines are a feature of the Continuous Integration/Continuous Deployment system that enables users to automatically run processes and tasks, either in parallel or in sequence, to build, test, or deploy code changes.
The vulnerability impacts all GitLab CE/EE versions from 15.8 through 16.11.4, 17.0.0 to 17.0.2, and 17.1.0 to 17.1.0.
GitLab has addressed the vulnerability by releasing versions 17.1.1, 17.0.3, and 16.11.5, and recommends users to apply the updates as soon as possible.
Pipelines will no longer run automatically when a merge request is re-targeted after its previous target branch is merged.
Users must manually start the pipeline to execute CI for their changes.
CI JOB TOKEN is now disabled by default for GraphQL authentication starting from version 17.0.0, with this change backported to versions 17.0.3 and 16.11.5.
To access the GraphQL API, users need to configure one of the supported token types for authentication.
CVE-2024-4901: Stored XSS vulnerability allowing malicious commit notes from imported projects to inject scripts, potentially leading to unauthorized actions and data exposure.
CVE-2024-4994: A CSRF vulnerability in the GraphQL API allowing attackers to execute arbitrary GraphQL mutations by tricking authenticated users into making unwanted requests, potentially leading to data manipulation and unauthorized operations.
CVE-2024-6323: Authorization flaw in GitLab's global search feature allowing attackers to view search results from private repositories within public projects, potentially leading to information leaks and unauthorized access to sensitive data.
Resources for GitLab updates are available here, while GitLab Runner guidelines can be found on this page.
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released.
Hackers target new MOVEit Transfer critical auth bypass bug.
CISA: Most critical open source projects not using memory safe code.
Chemical facilities warned of possible data theft in CISA CSAT breach.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 29 Jun 2024 06:13:05 +0000


Cyber News related to Critical GitLab bug lets attackers run pipelines as any user

Critical GitLab bug lets attackers run pipelines as any user - A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based open-source software project management and work tracking ...
4 months ago Bleepingcomputer.com
Critical GitLab Bug Threatens Software Development Pipelines - A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it released new versions of its Community and Enterprise ...
4 months ago Darkreading.com
GitLab warns of critical zero-click account hijacking vulnerability - GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the ...
9 months ago Bleepingcomputer.com
GitLab Fixes Password Reset Bug That Allows Account Takeover - GitLab is releasing a patch to fix a vulnerability in its email verification process that bad actors can exploit to reset user passwords and take over accounts. The flaw, CVE-2023-7028, was introduced in May 2023 in GitLab 16.1.0, in which a change ...
9 months ago Securityboulevard.com
GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed - Security Boulevard - In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It’s worth mentioning that the issue only impacts self-managed instances; therefore, users of GitLab Dedicated instances do not need to take any ...
1 month ago Securityboulevard.com
Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
4 months ago Crowdstrike.com
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
9 months ago Go.theregister.com
CVE-2021-21411 - OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the ...
3 years ago
Critical GitLab flaw allows account takeover without user interaction, patch quickly! - A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords. Users who have two-factor authentication enabled on their account are safe from account takeover. CVE-2023-7028 was reported through ...
9 months ago Helpnetsecurity.com
CVE-2023-37264 - Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that ...
1 year ago
Any.RUN Sandbox Now Expanded to Analyze Linux Malware - The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis and threat hunting. ANY.RUN allows malware analysts, SOC members, and DFIR team members ...
9 months ago Gbhackers.com
Juniper releases out-of-cycle fix for max severity auth bypass flaw - Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. The security issue is tracked as ...
4 months ago Bleepingcomputer.com
Juniper releases out-of-cycle fix for max severity auth bypass flaw - Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. The security issue is tracked as ...
4 months ago Bleepingcomputer.com
The 20 Most Essential Crypto Bug Bounty Programs - Working with cryptocurrency has become more and more popular in the last few years, but it’s not without risks. It’s important for sites that conduct digital payments and transfers to have security measures in place to help keep your data safe ...
1 year ago Hackread.com
CVE-2016-9086 - GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All ...
7 years ago
Modern DevSecOps - DevSecOps - a fusion of development, security, and operations - emerged as a response to the challenges of traditional software development methodologies, particularly the siloed nature of development and security teams. DevSecOps aims to break down ...
10 months ago Feeds.dzone.com
GitLab Releases Updates to Address Critical Vulnerabilities - In a newly released update, GitLab reports that it is releasing versions 16.7.2, 16.6.3, and 16.5.6 for GitLab Community Edition as well as Enterprise Edition in order to address a series of critical vulnerabilities. Two critical vulnerabilities, ...
9 months ago Darkreading.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 month ago Cyberdefensemagazine.com
New Linux glibc flaw lets attackers get root on major distros - Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation vulnerability in the GNU C Library. Tracked as CVE-2023-6246, this security flaw was ...
9 months ago Bleepingcomputer.com
VMware Fixes Critical Security Bugs in vRealize Log Analysis Tool - Organizations using the VMware vRealize Log Analysis tool are being urged to update it in order to patch several recently discovered security bugs. According to a security advisory issued by VMware yesterday, the company has identified a critical ...
1 year ago Bleepingcomputer.com
Weekly Vulnerability Recap 2/5/24: Azure, Apple, Ivanti & Mastodon - A coding vulnerability in Microsoft's Azure Pipelines affected 70,000 open-source projects. With the recent surge in critical vulnerabilities, organizations should regularly update and patch software, and perform routine vulnerability assessments and ...
9 months ago Esecurityplanet.com
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw - Prioritizing cybercrime intelligence for effective decision-making in cybersecurityIn this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Proactive ...
9 months ago Helpnetsecurity.com
Microsoft is bringing the Linux sudo command to Windows Server - Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications. Superuser do, or sudo, is a Linux console program that allows low-privileged users to execute a ...
9 months ago Bleepingcomputer.com
Opening Statement by CISA Director Jen Easterly - Chairman Gallagher, Ranking Member Krishnamoorthi, Members of the Committee, thank you for the opportunity to testify on CISA's efforts to protect the Nation from the preeminent cyber threat posed by the People's Republic of China. As America's ...
9 months ago Cisa.gov
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)