Critical GitLab Vulnerability

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution Oct 11, 2024Ravie LakshmananDevOps / Vulnerability GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on Read more…

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover Read more…