Read more: securityaffairs.com
A critical vulnerability, tracked as CVE-2024-9164, has been patched in GitLab EE. The flaw lets remote attackers run pipelines on arbitrary branches of a repository, potentially leading to code execution. It arises from a lack of proper authorization checks during pipeline execution. Organizations using GitLab EE are strongly advised to update to the latest patched versions to mitigate this risk.