GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.

Following on from their previous project which detailed how to install GitLab on the Raspberry Pi 4, Hackster.io member Mikrocontroller Projekte has published a new project providing more details ...

GitLab releases patch for nine flaws, including two critical severity ones The critical flaws allowed threat actors to bypass authentication and could lead to data exfiltration Patch is available now, ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...

GitLab provides a complete DevOps platform, offering continuous integration, continuous delivery (CI/CD), issue tracking, code review and more. There are both cloud-hosted (GitLab.com) and self-hosted ...