Bleeping Computer

Critical GitLab bug lets attackers run pipelines as any user

A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based ...
Dark Reading

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

A critical security vulnerability in GitLab is under active attack, according to CISA. It allows bad actors to send password reset emails for any account to an email address of their choice, thus ...