Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
TechRadar

GitLab users warned of flaw that allows file overwrite — so update now

GitLab recently discovered a critical vulnerability in its Community Edition (CE) and Enterprise Edition (EE) instances, which could allow malicious actors to write arbitrary files while creating a ...
Bleeping Computer

Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Computer Weekly

Patch GitLab vuln without delay, users warned

The US Cybersecurity and Infrastructure Security Agency (CISA) has this week added a vulnerability that was first disclosed in January in the GitLab open source platform to its Known Exploited ...
Threat Post

Session Hijacking Bug Exposed GitLab Users Private Tokens

GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks. GitLab, the popular web-based Git repository ...

GitLab Appoints Chaim Mazal as Chief Information Security Officer

All Remote - GitLab Inc., the intelligent orchestration platform for DevSecOps, announced that Chaim Mazal has joined as ...