Tag: gitlab
-
Vulnerability Recap 7/1/24 Apple, GitLab, AI Platforms at Risk
First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-july-1-2024/
-
GitLab Patches Second Critical Pipeline Vulnerability In Last Month
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36100/GitLab-Patches-Second-Critical-Pipeline-Vulnerability-In-Last-Month.html
-
GitLab Ships Update for Critical Pipeline Execution Vulnerability
GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user. The post GitLab Ships U… First seen on securityweek.com Jump to article: www.securityweek.com/gitlab-ships-update-for-critical-pipeline-execution-vulnerability/
-
GitLab patches 2nd critical pipeline vulnerability in last month
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/gitlab-patches-2nd-critical-pipeline-vulnerability-in-last-month
-
Severe vulnerabilities addressed by GitLab, others
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/severe-vulnerabilities-addressed-by-gitlab-others
-
Critical bug lets attackers run pipelines as other users
GitLab warned today that a critical vulnerability in its product’s GitLab Community and Enterprise editions allows attackers to run pipeline jobs as a… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/
-
GitLab Authentication Bypass Vulnerability (CVE-2024-6385) Notification
Overview Recently, NSFOCUS CERT detected that GitLab issued a security announcement and fixed the identity bypass vulnerability (CVE-2024-6385) in Git… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/gitlab-authentication-bypass-vulnerability-cve-2024-6385-notification/
-
Update für kritische Schwachstelle in GitLab verfügbar – CSS-Angriffe auf CI-Pipelines in GitLab
First seen on security-insider.de Jump to article: www.security-insider.de/gitlab-sicherheitsaktualisierung-ci-pipelines-a-f5a11b629de2797d1b7e2c876034012f/
-
GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others
GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous inte… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/gitlab-releases-patch-for-critical-cicd.html
-
Bitte patchen! Security-Update behebt kritische Schwachstelle in GitLab
Eine Reihe von Schwachstellen ermöglichen es in GitLab, CI-Pipelines als anderer User zu starten oder Cross-Site-Scripting über Commit Notes einzuschl… First seen on heise.de Jump to article: www.heise.de/news/Bitte-patchen-Security-Update-behebt-kritische-Schwachstelle-in-GitLab-9780254.html
-
Critical GitLab Bug Threatens Software Development Pipelines
First seen on darkreading.com Jump to article: www.darkreading.com/application-security/critical-gitlab-bug-threatens-software-development-pipelines
-
GitLab Security Updates Patch 14 Vulnerabilities
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36044/GitLab-Security-Updates-Patch-14-Vulnerabilities.html
-
Accountübernahme nach 1-Klick-Attacke möglich
Tags: gitlabFirst seen on heise.de Jump to article: www.heise.de/news/GitLab-Accountuebernahme-nach-1-Klick-Attacke-moeglich-9730570.html
-
Patch GitLab vuln without delay, users warned
First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366583457/Patch-GitLab-vuln-without-delay-users-warned
-
Dringend patchen: Gitlab-Schwachstelle ermöglicht Übernahme fremder Konten
First seen on golem.de Jump to article: www.golem.de/news/dringend-patchen-gitlab-schwachstelle-ermoeglicht-uebernahme-fremder-konten-2405-185399.html
-
Top 5 CVEs and Vulnerabilities of May 2024
May brought a fresh batch of security headaches. This month, we’re focusing on critical vulnerabilities in widely used software like Apache, Gitlab, a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/top-5-cves-and-vulnerabilities-of-may-2024/
-
Vulnerability Recap 5/27/24 Google, Microsoft GitLab Fixes
First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-may-27-2024/
-
Sicherheit bei Benutzerkonten von GitLab gefährdet – Massive Schwachstellen bei GitLab
First seen on security-insider.de Jump to article: www.security-insider.de/gitlab-sicherheitsupdates-cve-2024-4835-cross-site-scripting-luecke-behoben-a-f523be78216232d14d46cf8c433aa54a/
-
Maximum-severity GitLab flaw allowing account hijacking under active exploitation
First seen on arstechnica.com Jump to article: arstechnica.com/
-
Several GitLab vulnerabilities addressed
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/several-gitlab-vulnerabilities-addressed
-
An XSS flaw in GitLab allows attackers to take over accounts
GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fix… First seen on securityaffairs.com Jump to article: securityaffairs.com/163649/hacking/gitlab-xss-flaw.html
-
High-severity GitLab flaw lets attackers take over accounts
GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) att… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/high-severity-gitlab-flaw-lets-attackers-take-over-accounts/
-
Vulnerability Recap 5/6/24 Aruba, Dropbox, GitLab Bugs
First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-may-6-2024/
-
GitLab Duo Enterprises set to be released
Tags: gitlabFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/gitlab-duo-enterprises-set-to-be-released
-
Federal frenzy to patch gaping GitLab account takeover hole
First seen on theregister.com Jump to article: www.theregister.com/2024/05/02/critical_gitlab_vulnerability/
-
Schwachstelle bei der Kennwortrücksetzung auf GitLab – CISA warnt vor aktiver Ausnutzung von Sicherheitslücken bei GitLab
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-warnt-vor-sicherheitsluecke-bei-gitlab-cve-2023-7028-a-5bf6001fadbec10add6ff52c2beea51c/
-
Account-Übernahme möglich: Kritische Gitlab-Schwachstelle wird aktiv ausgenutzt
Die Schwachstelle ermöglicht es Angreifern, beliebige Nutzerpasswörter über eine eigene E-Mail-Adresse zurückzusetzen. Tausende von Gitlab-Instanzen s… First seen on golem.de Jump to article: www.golem.de/news/account-uebernahme-moeglich-kritische-gitlab-schwachstelle-wird-aktiv-ausgenutzt-2405-184798.html
-
GitLab Duo plans harness growing interest in platform AI
GitLab’s next release will tie its Duo AI tools to the full DevSecOps pipeline in a bid to capitalize on increased interest in AI automation among pla… First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366581457/GitLab-Duo-plans-harness-growing-interest-in-platform-AI
-
CISA warnt: Microsoft Smartscreen- und Gitlab-Sicherheitsleck werden angegriffen
First seen on heise.de Jump to article: www.heise.de/news/Angreifer-umgehen-Microsoft-Smartscreen-und-brechen-in-Gitlab-ein-9705715.html
-
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KE… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/cisa-warns-of-active-exploitation-of.html