IT News For Australia Business

GitLab fixes account takeover vulnerability

GitLab has patched a critical and trivial-to-exploit account takeover bug. The attack vector for CVE-2023-7028 is the password reset function. “User account password reset emails could be delivered to ...
Bleeping Computer

Critical GitLab vulnerability lets attackers take over accounts

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. The bug (discovered internally and tracked as ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Bleeping Computer

Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based ...

Update Now: Serious GitLab Security Bugs Could Lead to System Takeovers

The government has issued a warning about serious security flaws in GitLab, cautioning organizations about potential risks to ...