While Microsoft dubbed the flaw as a high-severity spoofing bug, such an issue was disclosed by ZDI to be a remote code execution vulnerability that requires a higher severity rating.
GitLab has issued a fix for the critical flaw in GitLab Community Edition and Enterprise Edition software, tracked as CVE-2024-6385, which could be leveraged for arbitrary pipeline job execution.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.