all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

Add to bookmarks
Jan. 30, 2024, 4:18 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace.
Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10.
"An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to

address arbitrary files community critical cve cve-2024-0402 cvss cvss score enterprise exploited file file overwrite files fixes flaw gitlab score security security flaw upgrade urgent vulnerability workspace

Visit resource

More from thehackernews.com / The Hacker News

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw 18 hours ago | thehackernews.com
attack attack chain cobalt cobalt strike +19
Bogus npm Packages Used to Trick Software Developers into Installing Malware 1 day, 2 hours ago | thehackernews.com
backdoor bogus campaign cybersecurity +25
Severe Flaws Disclosed in Brocade SANnav SAN Management Software 1 day, 17 hours ago | thehackernews.com
application area brocade compromise +17
10 Critical Endpoint Security Tips You Should Know 1 day, 20 hours ago | thehackernews.com
breaches business connectivity critical +20
New 'Brokewell' Android Malware Spread Through Fake Browser Updates 1 day, 20 hours ago | thehackernews.com
analysis android android malware banking +15
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack 1 day, 21 hours ago | thehackernews.com
alto attack command critical +23
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites 2 days, 1 hour ago | thehackernews.com
accounts admin automatic bug +18
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures 2 days, 14 hours ago | thehackernews.com
access actor binary called +19
Network Threats: A Step-by-Step Attack Demonstration 2 days, 20 hours ago | thehackernews.com
access advanced attack attackers +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs