CVE-2024-5655
Published: 2024-06-27
Priority: P2 · 62 · high · CVSS 3.1 base score 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 7.47% (93.7th percentile)
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances.
Affected (9 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 17.3.5-2 (sid) | gitlab 17.3.5-2 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 15.8 < 16.11.5 | 16.11.5 |
| gitlab | gitlab | >= 15.8.0 < 16.11.5 | 16.11.5 |
| gitlab | gitlab | >= 17.0 < 17.0.3 | 17.0.3 |
| gitlab | gitlab | >= 17.0.0 < 17.0.3 | 17.0.3 |
| gitlab | gitlab | >= 17.1 < 17.1.1 | 17.1.1 |
| gitlab | gitlab_ce | — | — |
Detection & IOCs (extracted from sources)
- Affected GitLab versions: 15.8 up to (not including) 16.11.5, 17.0 up to (not including) 17.0.3, and 17.1 up to (not including) 17.1.1. Detect unpatched instances by version fingerprinting.
- The vulnerability requires 'certain circumstances' to be exploitable: the exact preconditions for triggering a pipeline as another user are not publicly detailed in these sources, which may limit precise detection rule tuning.
- The CVSS score is 9.6 (critical), indicating high severity; prioritize patching GitLab CE/EE instances in scope.
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 9.6 | CRITICAL | — |
OSV (osv · 2024-06-27 · CVSS 8.8 · HIGH): CVE-2024-5655
GHSA (ghsa_unreviewed · 2024-06-27 · CRITICAL · CWE-284): GHSA-gr98-7cg9-j7c7 for CVE-2024-5655
GitLab (vendor_gitlab · 2024-06-27 · CVSS 9.6 · CRITICAL · CWE-284): CVE-2024-5655
Debian (vendor_debian · 2024 · CVSS 9.6 · CRITICAL): CVE-2024-5655, package gitlab
Scope: local
sid: resolved (fixed in 17.3.5-2)
No detection rules found.
No public exploits indexed.
Bleepingcomputer (blogs_bleepingcomputer · 2024-10-10 · CVE-2024-9164 · CVSS 7.3 · HIGH): GitLab warns of critical arbitrary branch pipeline execution flaw
By Bill Toulas
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw.
The vulnerability, which is tracked as CVE-2024-9164, allows unauthorized users to trigger Continuous Integration/Continuous Delivery (CI/CD) pipelines on any branch of a repository.
CI/CD pipelines are automated processes that perform tasks such as building, testing, and deploying code, normally available only to users with appropriate permissions.
An attacker capable of bypassing branch protections could potentially perform code execution or gain access to sensitive information.
The issue, which has received a CVSS v3.1
Bleepingcomputer (blogs_bleepingcomputer · 2024-09-12 · CVE-2024-6678 · CVSS 8.2 · HIGH): GitLab warns of critical pipeline execution vulnerability
By Bill Toulas
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
The release is for versions 17.3.2, 17.2.5, and 17.1.7 for both GitLab Community Edition (CE) and Enterprise Edition (EE), and patches a total of 18 security issues as part of the bi-monthly (scheduled) security updates.
With a critical severity score of 9.9, the CVE-2024-6678 vulnerability could enable an attacker to execute environment stop actions as the owner of the stop action job.
The severity of the flaw comes from its potential for remote exploitation, lack of user interaction, and the low privileges requ
Checkpoint (blogs_checkpoint · 2024-07-01 · CVE-2024-5805): 1st July – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 1st July, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
The BlackSuit ransomware group has hit South Africa’s National Health Laboratory Service (NHLS), disrupting lab result dissemination amid a Mpox outbreak. The actors have deleted system sections, including backups, forcing manual result communication. Despite the attack, labs continue processing samples, but system restoration ti