GitLab warned today that a critical vulnerability in its product’s GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. […]
from https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/