Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
Bleeping Computer

GitLab urges users to install security updates for critical pipeline flaw

GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users via scheduled security scan policies. GitLab is a popular ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Dark Reading

Critical GitLab Bug Threatens Software Development Pipelines

A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...
InfoWorld

GitLab 14.8 adds security approval policies, extends SSH support

Update to the GitLab devops platform introduces chainable security approval policies as the replacement for the deprecated Vulnerability-Check feature. Newly arrived GitLab 14.8 updates the software ...
CSOonline

Gitlab fixes bug that exploited internal policies to trigger hostile pipelines

Gitlab has released two patched releases, 16.2.7 and 16.3.4 for the Enterprise (EE) and Community (CE) editions of the DevOps platform in response to a critical severity bug discovered through its ...
TechRepublic

GitLab on how DevSecOps can help developers provide security from end-to-end

GitLab on how DevSecOps can help developers provide security from end-to-end Your email has been sent GitLab's VP of security talks about the efficiencies that DevSecOps brings to developers and the ...