Bleeping Computer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.
TechRadar

GitLab warns of critical security flaw which could allow hacker takeovers

GitLab has upgraded its Community and Enterprise editions to fix a critical vulnerability which allowed malicious actors to run pipeline jobs as any other platform user. In its patch release notes, ...
Seeking Alpha

GitLab Announces Secure AI-driven Capabilities to Streamline Software Development

Enabling DevSecOps teams to quickly respond and remediate CI failures and code errors with AI-powered root cause analysis Empowering customers to measure the impact and ROI of their AI investments ...
Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Dark Reading

Critical GitLab Bug Threatens Software Development Pipelines

A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...
dbta

Cloud Seed from GitLab Appeases Desires for a Secure, Streamlined Cloud Adoption Tool

Built directly into the GitLab web UI, Cloud Seed employs CI/CD pipeline functions to allow seamless consumption of Google Cloud services. Cloud Seed enables developers, amid the developing or ...