Bleeping Computer

High-severity GitLab flaw lets attackers take over accounts

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. The security flaw (tracked as CVE-2024-4835) ...
Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
Dark Reading

GitLab Releases Updates to Address Critical Vulnerabilities

In a newly released update, GitLab reports that it is releasing versions 16.7.2, 16.6.3, and 16.5.6 for GitLab Community Edition (CE) as well as Enterprise Edition (EE) in order to address a series of ...
CRN

Red Hat Says It’s Remediating GitLab Security ‘Incident’ At Consulting Arm

The IBM-owned company says it has ‘initiated necessary remediation steps’ after media outlets reported that a threat group claimed to compromise Red Hat code repositories. Red Hat disclosed that it ...