GitLab Releases Critical Patch to Address Pipeline Execution Vulnerability

Threat Level – Amber | Vulnerability Report

CVE-2023-5009 is a critical security vulnerability that affects all versions of GitLab Enterprise Edition (EE). It enables an attacker to execute pipelines as another user, potentially leading to unauthorized access and misuse of the GitLab environment. The vulnerability is a bypass of CVE-2023-3932.
