Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
TechRadar

GitLab releases emergency security patch, tells users to update immediately

GitLab has published a fix for a critical security vulnerability found in two of its products, with users told to apply the patch immediately. GitLab is a DevOps software package allowing users to ...
IT News For Australia Business

GitLab fixes account takeover vulnerability

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...
IT News For Australia Business

GitLab races out vulnerability-fix release

GitLab last week issued an emergency patch covering 16 vulnerabilities, one of them given a critical risk rating, along with three rated high severity. To fix the vulnerabilities, the organisation ...
Linux Journal

Take Your Git In-House

If you're wary of the Microsoft takeover of GitHub, or if you've been looking for a way to ween yourself off free public repositories, or if you want to ramp up your DevOps efforts, now's a good time ...
CCM

Gitlab vs Github: 2023, differences, which is best?

GitLab provides a complete DevOps platform, offering continuous integration, continuous delivery (CI/CD), issue tracking, code review and more. There are both cloud-hosted (GitLab.com) and self-hosted ...