Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
TechRadar

GitLab users told to install emergency security fix immediately

GitLab has released a fix for a newly discovered security flaw, and is urging its users to install immediately as it addresses a high-severity vulnerability that can cause all sorts of trouble. In a ...
TechRadar

GitLab users warned of flaw that allows file overwrite — so update now

GitLab recently discovered a critical vulnerability in its Community Edition (CE) and Enterprise Edition (EE) instances, which could allow malicious actors to write arbitrary files while creating a ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
Dark Reading

GitLab Releases Updates to Address Critical Vulnerabilities

In a newly released update, GitLab reports that it is releasing versions 16.7.2, 16.6.3, and 16.5.6 for GitLab Community Edition (CE) as well as Enterprise Edition (EE) in order to address a series of ...