Diğerleri

GitLab users warned of flaw that allows file overwrite — so update now

Feb 1, 2024 #bose soundbar, #rel sub, #www.audiophile.org

GitLab users warned of flaw that allows file overwrite — so update now

bose soundbar, rel sub, En İyi Ev Ses Sistemi, Ev Ses Sistemleri Online, müzik dinlemek için en iyi hoparlörler, ev stereo sistemi bileşenleri, Satılık Müzik Seti

GitLab recently discovered a critical vulnerability in its Community Edition (CE) and Enterprise Edition (EE) instances, which could allow malicious actors to write arbitrary files while creating a workspace. 

In a security bulletin, GitLab said the vulnerability is quite serious and that users should apply the patch with utmost urgency.

The vulnerability affects all versions from 16.0 prior to 16.5.8, 16.6 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1, the project said in the announcement.

More bugs to patch

“This is a critical severity issue,” GitLab said, adding that it has been assigned a severity score of 9.9. “It is now mitigated in the latest release and is assigned CVE-2024-0402.”

The company also said the patch was backported to 16.5.8 besides 16.6.6, 16.7.4, and 16.8.1. “GitLab 16.5.8 only includes a fix for this vulnerability and does not contain any of the other fixes or changes mentioned in this blog post,” the announcement concluded. GitLab.com and GitLab Dedicated environments are said to already be running the upgraded version.

In the same advisory, GitLab also said it addressed four medium-severity flaws that could result in a regular expression denial-of-service (ReDoS), HTML injection, and the leaking of users’ public email addresses via the tags RSS feed.

This is not the first time GitLab users were urged to immediately apply a patch and fix a critical flaw. In September last year, GitLab said it found a flaw in scan execution policies to run pipelines (a series of automated tasks) as another user. 

This flaw was tracked as CVE-2023-4998 and carries a severity score of 9.6. It impacted a couple of versions of the software, namely GitLab Community Edition (CE) and Enterprise Edition (EE) versions 13.12 through 16.2.7, and versions 16.3 through 16.3.4.

Via The Hacker News

More from TechRadar Pro

  • GitLab users told to install emergency security fix immediately
  • Here’s a list of the best firewalls around today
  • These are the best endpoint security tools right now

En İyi Ev Ses Sistemi,
Ev Ses Sistemleri Online,
müzik dinlemek için en iyi hoparlörler,
ev stereo sistemi bileşenleri,
Satılık Müzik Seti

stereoguide-referencehometheater-techradar

Related Post

Bluetooth Earphones Bluetooth Headphones Bluetooth Speakers DACs Diğerleri Earphones Mobile DAC Noise Cancelling Headphones Planar Headphones

Yulia Niko: “Never Listen To Anyone”

May 1, 2024
Diğerleri

NYT Strands today — hints, answers and spangram for Wednesday, May 1 (game #59)

May 1, 2024
Diğerleri

Quordle today – hints and answers for Wednesday, May 1 (game #828)

May 1, 2024

Şu Ürünleri Kaçırmayın

Headphones, Applause Awards , 2024, Headphones, Over / On Ear ,

Austrian Audio The Composer Headphones Review

01/05/2024
Hi-Fi, Headphones,

Volumio Motivo – Stylish Streaming Headphone Amp

01/05/2024
Hi-Fi, HiFi Show,

Origin Live’s Renown Tonearm Makes European Debut

01/05/2024
Müzik Seti Sehpası

SRA Silent Running Audio Scuttle Audio Rack

01/05/2024