GitLab discovered a high-profile vulnerability that could allow remote code execution

GitLab (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom) announced the release of Community Edition (CE) and Enterprise Edition (EE) versions 17.2.1, 17.1.3 and 17.0.5 to address several vulnerabilities. These updates contain important bug and security fixes.
🔴 Identified CVE-2024-5067 (https://nvd.nist.gov/vuln/detail/CVE-2024-5067), a medium-severity vulnerability;
🔴 Identified CVE-2024-7057 (https://nvd.nist.gov/vuln/detail/CVE-2024-7057), a medium-severity vulnerability;
🔴 Identified CVE-2024-0231 (https://nvd.nist.gov/vuln/detail/CVE-2024-0231), a low-severity vulnerability;
✅ The UZCERT service recommends that GitLab clients install the security updates released by GitLab (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom) and consult GitLab's security tips page (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom).
