Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
Bleeping Computer

GitLab urges users to install security updates for critical pipeline flaw

GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies. GitLab is a popular ...
Dark Reading

GitLab Users Advised to Update Against Critical Flaw Immediately

GitLab users need to update their servers urgently to protect against a new critical flaw that could allow threat actors to run pipelines as other users and compromise private repositories. The flaw, ...
Threat Post

Session Hijacking Bug Exposed GitLab Users Private Tokens

GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks. GitLab, the popular web-based Git repository ...
CSOonline

GitLab repairs critical flaw that lets users log in as admins

GitLab patched multiple privilege escalation flaws, cross-site scripting bugs, and information disclosure vulnerabilities in both the open source and commercial versions of its self-hosted system for ...