Tag: GitLab
-
2nd critical GitLab patch of 2024 fixes arbitrary file writing bug
A GitLab vulnerability enabling file writing to arbitrary locations on a server was patched last Thursday, two weeks after the company …
-
Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a …
-
GitLab Flaw Let Attackers Write Files to Arbitrary Locations
GitLab releases security updates addressing several critical vulnerabilities, urging all users to upgrade immediately. This release is …
-
Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More – SWN #357
Defeating the MOAB: Fortifying our Passwords against a 26 Billion Record Breach All I can think about is the mother of all bombs, which …
-
GitLab password reset bug leaves more than 5.3K servers up for grabs
Team project management platform Trello was noted by the Have I Been Pwned? breach notification service to have data from more than 15 …
-
Security in Wrenches, Vulns in Atlassian and GitLab, 2023’s Top Web Hacking Tricks – ASW #270
Bluetooth keeps on giving. Vulnerabilities (CVE-2023-45866, CVE-2024-21306) were discovered that allow either pairing a virtual keyboard …
-
GitLab warns zero-click vulnerability could lead to account takeovers
GitLab has issued a warning about a critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). GitLab is an …
-
Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers
GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. …
-
Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective …
-
Urgent: GitLab Releases Patch for Critical Vulnerabilities – Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts …
-
Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)
A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords. While …
-
GitLab Launches Browser-Based Dynamic Application Security Testing (DAST) Scan
GitLab has recently introduced a browser-based Dynamic Application Security Testing (DAST) feature in version 16.4 (or DAST 4.0.9). This …
●●●