InfoSecBulletin Cybersecurity for mankind
GitLab released security updates on Wednesday to fix 17 vulnerabilities, including a critical issue that lets attackers run pipeline jobs as any user. CVE-2024-6678 is a critical vulnerability with a CVSS score of 9.9 out of 10.0
“An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances,” the company said in an alert.
AMD Patches CPU Vulnerability
Hackers To Use HTTP Client Tools To Compromise Microsoft 365 Accounts
Google patches 47 Android flaws, Including Actively Exploited CVE-2024-53104
CVE-2025-21415
Microsoft Patches Critical Azure AI Face Service Vulnerability
Daily Security Update Dated:4.02.2025
768 Exploited CVEs in 2024, a 20% Increase from 639 in 2023
.Gov Domains Weaponized in Phishing Surge
RedSentry presents
Hacked 101 Seminar Successfully Ended at UITS
US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”
ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks
The vulnerability, along with three high-severity, 11 medium-severity, and two low-severity bugs, has been fixed in GitLab CE and EE versions 17.3.2, 17.2.5, and 17.1.7.
CVE-2024-6678 is the fourth serious flaw GitLab has fixed in the past year, joining CVE-2023-5009, CVE-2024-5655, and CVE-2024-6385, all with a CVSS score of 9.6.
Users should apply the patches quickly to prevent potential threats, even though there is currently no evidence of active exploitation of the flaws.
In May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that a critical GitLab vulnerability (CVE-2023-7028, CVSS score: 10.0) was being actively exploited.
