CVE-2024-5655 - GitLab Pipeline Impersonation Vulnerability Explained
On June 26, 2024, GitLab released a critical security update addressing CVE-2024-5655. This vulnerability lets attackers trigger a CI/CD pipeline as another user under
CVE-2024-3115 - Exploiting GitLab EE’s SSO Bypass for Issues & Epics via Duo Chat
On April 2024, security researchers discovered a major vulnerability—CVE-2024-3115—in GitLab Enterprise Edition (EE). This flaw lets attackers bypass Single Sign-On (SSO) controls and
CVE-2024-4011 - GitLab Non-Member Key Results Promotion Vulnerability Explained
If you’re running GitLab in your organization, it’s always crucial to stay up-to-date on security issues that could impact your code and workflow.
CVE-2024-1816 - Denial of Service in GitLab via Crafted OpenAPI File — Full Disclosure & Exploit Guide
GitLab is one of the world’s most popular platforms for software development, powering source code repositories at companies large, small, and everything in between.
CVE-2024-2191 - GitLab Merge Request Title Leakage Explained (with Proof of Concept)
In early 2024, a new vulnerability was discovered in GitLab's Merge Requests system—CVE-2024-2191. This flaw affects both Community and Enterprise Editions (CE/
Episode
00:00:00
00:00:00