High-severity vulnerability allowing remote code execution identified in GitLab
GitLab (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom) has announced the release of versions 17.2.1, 17.1.3 and 17.0.5 of Community Edition (CE) and Enterprise Edition (EE) to address several vulnerabilities. These updates contain important bug fixes and security fixes.
🔴 Identified: CVE-2024-5067 (https://nvd.nist.gov/vuln/detail/CVE-2024-5067), a medium-severity vulnerability;
🔴 Identified: CVE-2024-7057 (https://nvd.nist.gov/vuln/detail/CVE-2024-7057), a medium-severity vulnerability;
🔴 Identified: CVE-2024-0231 (https://nvd.nist.gov/vuln/detail/CVE-2024-0231), a low-severity vulnerability;
✅ The UZCERT service recommends that GitLab customers apply the security updates released by GitLab (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom) and review GitLab's security advisories page (https://about.gitlab.com/releases/2024/07/24/patch-release-gitlab-17-2-1-released/#project-level-analytics-settings-leaked-in-dom).