GitLab patches major security flaw - here's what we know

GitLab also patched two DoS flaws that can be triggered by configuring malformed Wiki documents and sending repeated ...
InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.

GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its ...
Dark Reading

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

A critical security vulnerability in GitLab is under active attack, according to CISA. It allows bad actors to send password reset emails for any account to an email address of their choice, thus ...
Seeking Alpha

Over 5,300 GitLab servers vulnerable to zero-click account takeover flaw - Bleeping Computer

More than 5,300 internet-exposed GitLab (NASDAQ:GTLB) servers are at risk to CVE-2023-7028, a zero-click account takeover flaw the company had warned about earlier, technology news site Bleeping ...
Computer Weekly

Patch GitLab vuln without delay, users warned

The US Cybersecurity and Infrastructure Security Agency (CISA) has this week added a vulnerability that was first disclosed in January in the GitLab open source platform to its Known Exploited ...