{"id":56556,"date":"2024-07-12T14:33:24","date_gmt":"2024-07-12T14:33:24","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36100\/GitLab-Patches-Second-Critical-Pipeline-Vulnerability-In-Last-Month.html"},"modified":"2024-07-12T14:33:24","modified_gmt":"2024-07-12T14:33:24","slug":"gitlab-patches-second-critical-pipeline-vulnerability-in-last-month","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/","title":{"rendered":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/07\/AdobeStock_504744426_Editorial_Use_Only-1.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>GitLab has patched a second critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) that could allow attackers to run pipelines as arbitrary users.<\/p>\n<p>The vulnerability, tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-6385\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2024-6385<\/a>, was <a href=\"https:\/\/about.gitlab.com\/releases\/2024\/07\/10\/patch-release-gitlab-17-1-2-released\/\" target=\"_blank\" rel=\"noreferrer noopener\">fixed in a critical patch release<\/a> Wednesday and is similar to another flaw, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-5655\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2024-5655<\/a>, that was <a href=\"https:\/\/www.scmagazine.com\/brief\/over-a-dozen-gitlab-vulnerabilities-addressed\" target=\"_blank\" rel=\"noreferrer noopener\">patched on June 26<\/a>. Both flaws were assigned a CVSS score of 9.6 by GitLab and enable the triggering of pipelines as another user \u201cunder certain circumstances.\u201d<\/p>\n<p>The GitLab continuous integration\/continuous deployment (CI\/CD) platform has more than 30 million registered users, and is used by major companies, including T-Mobile, Siemens and Nvidia, <a href=\"https:\/\/about.gitlab.com\/company\/\" target=\"_blank\" rel=\"noreferrer noopener\">according to the GitLab website<\/a>.<\/p>\n<p>The critical vulnerabilities CVE-2024-6385 and CVE-2024-5655 could put developers\u2019 projects at risk by enabling attackers to \u201crun malicious code, access sensitive data and compromise software integrity,\u201d Contrast Security CISO David Lindner told SC Media.<\/p>\n<p>\u201cThis is REALLY bad, as it effectively turns off access controls for running pipelines, which is the lifeblood of moving software from development to production,\u201d Lindner said in an email.<\/p>\n<h2>How to mitigate critical GitLab vulnerabilities<\/h2>\n<p>CVE-2024-6385 affects GitLab CE\/EE versions 15.8 prior to 16.11.6, 17.0 prior to 17.0.4, and 17.1 prior to 17.1.2. The issue is resolved by updating to versions 16.11.6, 17.0.4 or 17.1.2, which GitLab recommends users do \u201cas soon as possible.\u201d<\/p>\n<p>\u201cOnce a pipeline is compromised, software can be altered with malware, backdoors, or used to steal private information from organizations. This is difficult to detect because security scans are usually conducted earlier in the SDLC [systems development life cycle] process,\u201d warned Ray Kelly, a security expert at Synopsys Software Integrity Group, in an email to SC Media.<\/p>\n<p>Kelly added that while patching vulnerabilities immediately is important to prevent a major supply chain breach, there are additional measures developers can take to secure their pipelines.<\/p>\n<p>\u201cIntroducing security scanning within the pipeline can help detect issues before they deployed,\u201d Kelly noted.<\/p>\n<p>With the vulnerability and patch management challenges, such as the two nearly identical, back-to-back GitLab CVEs, facing development teams, proactive measures to protect CI\/CD environments are becoming more important to ward off a potential supply chain disaster, data breach or production-delaying denial of service incident.<\/p>\n<p>Commenting on the earlier vulnerability CVE-2024-5655 in June, Skybox Security Vice President of Worldwide Systems Engineering Alistair Williams told SC Media the issue \u201chighlights the need for organizations to move beyond reactive security measures.\u201d<\/p>\n<p>Williams recommended that organizations stay on top of threats by employing continuous monitoring of their development tools for security risks and identify compensating controls for scenarios where immediate patching of vulnerabilities is not feasible.<\/p>\n<p>\u201cThis, combined with access to the latest threat intelligence, will help organizations identify weaknesses before they can be exploited. Furthermore, prioritizing vulnerabilities based on factors like exploitability, network accessibility, and potential financial impact allows organizations to focus on the most critical threats first,\u201d Williams said.<\/p>\n<p>While there is no evidence that either of the critical pipeline vulnerabilities have been exploited in the wild, GitLab accounts have been targeted by attackers exploiting a vulnerability tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-7028\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2023-7028<\/a>, which was disclosed and patched in January and <a href=\"https:\/\/www.scmagazine.com\/news\/critical-gitlab-account-takeover-flaw-added-to-cisas-kev-catalog\" target=\"_blank\" rel=\"noreferrer noopener\">added to the Cybersecurity &amp; Infrastructure Security Agency\u2019s (CISA) Known Exploited Vulnerabilities (KEV) catalog<\/a> in May.<\/p>\n<p>This vulnerability could enable account takeover due to a flaw in the password reset process and was assigned the maximum CVSS score of 10 by GitLab. More than 2,100 GitLab instances were vulnerability to this flaw when it was added to the KEV, according to Shadowserver; Shadowserver\u2019s online dashboard for CVE-2023-7028 indicates 1,890 instances remained exposed as of July 10.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/36100\/GitLab-Patches-Second-Critical-Pipeline-Vulnerability-In-Last-Month.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":56557,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[1011],"class_list":["post-56556","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflawpatch"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-12T14:33:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/07\/AdobeStock_504744426_Editorial_Use_Only-1.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"GitLab Patches Second Critical Pipeline Vulnerability In Last Month\",\"datePublished\":\"2024-07-12T14:33:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/\"},\"wordCount\":596,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg\",\"keywords\":[\"headline,flaw,patch\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/\",\"name\":\"GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg\",\"datePublished\":\"2024-07-12T14:33:24+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg\",\"width\":800,\"height\":471},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw,patch\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflawpatch\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"GitLab Patches Second Critical Pipeline Vulnerability In Last Month\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/","og_locale":"en_US","og_type":"article","og_title":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-07-12T14:33:24+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/07\/AdobeStock_504744426_Editorial_Use_Only-1.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month","datePublished":"2024-07-12T14:33:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/"},"wordCount":596,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/07\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg","keywords":["headline,flaw,patch"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/","url":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/","name":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/07\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg","datePublished":"2024-07-12T14:33:24+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/07\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/07\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month.jpg","width":800,"height":471},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/gitlab-patches-second-critical-pipeline-vulnerability-in-last-month\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw,patch","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflawpatch\/"},{"@type":"ListItem","position":3,"name":"GitLab Patches Second Critical Pipeline Vulnerability In Last Month"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56556"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56556\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/56557"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}