Vulnerabilities | GitLab Patches Pipeline Execution, SSRF, XSS Vulnerabilities | The latest GitLab update resolves eight vulnerabilities, including critical- and high-severity pipeline execution flaws. | Ionut Arghire | October 11, 2024
Vulnerabilities | GitLab Patches Critical Authentication Bypass Vulnerability | GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances. | Ionut Arghire | September 19, 2024
Vulnerabilities | GitLab Updates Resolve Critical Pipeline Execution Vulnerability | GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw. | Ionut Arghire | September 13, 2024
Supply Chain Security | GitLab Ships Update for Critical Pipeline Execution Vulnerability | GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user. | Ionut Arghire | July 11, 2024
Vulnerabilities | GitLab Security Updates Patch 14 Vulnerabilities | GitLab CE and EE updates resolve 14 vulnerabilities, including a critical- and three high-severity bugs. | Ionut Arghire | June 27, 2024
Vulnerabilities | 1,400 GitLab Servers Impacted by Exploited Vulnerability | CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched. | Ionut Arghire | May 2, 2024
Vulnerabilities | Thousands of GitLab Instances Unpatched Against Critical Password Reset Bug | Over 5,000 GitLab servers have yet to be patched against CVE-2023-7028, a critical password reset vulnerability. | Ionut Arghire | January 25, 2024
Vulnerabilities | GitLab Patches Critical Password Reset Vulnerability | GitLab has resolved a critical authentication vulnerability allowing attackers to hijack password reset emails. | Ionut Arghire | January 15, 2024
Vulnerabilities | GitLab Patches Critical Pipeline Execution Vulnerability | GitLab has released security updates to address a critical-severity vulnerability allowing an attacker to run pipelines as another user. | Ionut Arghire | September 20, 2023
Vulnerabilities | GitLab Security Update Patches Critical Vulnerability | GitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825. | Ionut Arghire | May 25, 2023