CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

GitLab patches major security flaw - here's what we know

A new patch fixes six important GitLab flaws ...
InfoQ

GitLab Introduces Advanced Vulnerability Tracking to Tackle Code Volatility and Double Reporting

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
InfoQ

GitLab Release Brings Protected Container Repositories; Fixes XSS Vulnerability

GitLab has announced the release of version 17.8, which has significant security enhancements, new container repository features, machine learning capabilities, and better deployment tracking. The ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Dark Reading

Critical GitLab Bug Threatens Software Development Pipelines

A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...
Cyber Daily

Alert! CISA warns of 4 exploited vulnerabilities

A critical-severity SolarWinds Web Help Desk vulnerability has been added to the Known Exploited Vulnerabilities (KEV) ...