CVE-2024-6385: Critical Unauthorised Pipeline Job Vulnerability in GitLab

On 10 July 2024, GitLab issued an advisory regarding a critical vulnerability (CVE-2024-6385) in GitLab CE/EE that had been reported to them through a bug bounty program. This vulnerability allows a threat actor to trigger a GitLab pipeline as another user under certain circumstances. A GitLab pipeline is a collection of automated processes that run … CVE-2024-6385: Critical Unauthorised Pipeline Job Vulnerability in GitLab

Article Link: CVE-2024-6385: Critical Unauthorised Pipeline Job Vulnerability in GitLab - Arctic Wolf