CVE-2024-6385 | GitLab Community Edition/Enterprise Edition up to 16.11.5/17.0.3/17.1.1 Pipeline access control (Issue 469217)

Posted by Angelo Barbosa | Jul 11, 2024 | CVE

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition up to 16.11.5/17.0.3/17.1.1. This affects an unknown part of the component Pipeline Handler. The manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2024-6385. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6385 | GitLab Community Edition/Enterprise Edition up to 16.11.5/17.0.3/17.1.1 Pipeline access control (Issue 469217)

Related Posts

CVE-2023-49163 | Michael Winkler teachPress Plugin up to 9.0.5 on WordPress cross-site request forgery

CVE-2023-6850 | kalcaddle KodExplorer up to 4.51.03 API Endpoint path/file unrestricted upload

CVE-2023-51525 | Veribo & Roland Murg WP Simple Booking Calendar Plugin up to 2.0.8.4 on WordPress cross-site request forgery

CVE-2023-40356 | Ping Identity PingOne MFA Integration Kit up to 2.3.0 authentication spoofing