The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...

A new patch fixes six important GitLab flaws ...

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government ...

Developers with GitLab fixed a critical vulnerability in the open source repository manager that could have allowed the theft of application files, tokens, or secrets. Developers with GitLab this week ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

A GitLab path traversal flaw could allow attackers to read arbitrary files and remotely execute code. A critical GitLab vulnerability, which could be leveraged by a remote attacker to execute code, ...

GitLab has released patches for seven vulnerabilities, including a high-severity flaw that allowed threat actors to take over people’s accounts. The highlight of the security advisory is an XSS ...

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...