GitLab Patches Bug That Could Expose CI/CD Pipeline to Supply Chain Attack

September 13, 2024 | GitLab has patched a critical vulnerability (CVE-2024-6678) with a CVSS score of 9.9, which could allow attackers to trigger a CI/CD pipeline as an arbitrary user, leading to privilege escalation and software supply chain risks. Experts stress the need for immediate patching and supply chain security measures.
