Heads up everyone! 10/10 in GitLab: (infosec.exchange)

submitted 9 months ago by briankrebs@infosec.exchange to c/random@kbin.run

2 comments fedilink hide all child comments

Heads up everyone! 10/10 in GitLab:

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

The vendor strongly recommends updating as soon as possible all vulnerable versions of the DevSecOps platform (manual update required for self-hosted installations) and warns that if there is "no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected.”

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

top 2 comments

sorted by: hot top controversial new old

[-] SpaceLifeForm@infosec.exchange 1 points 9 months ago

@briankrebs@infosec.exchange

Stick to resd-only for now.

[-] rbos@mastodon.novylen.net 1 points 9 months ago

@briankrebs@infosec.exchange Thank you, this was timely and I really appreciate these notices.

this post was submitted on 12 Jan 2024

1 points (100.0% liked)

random

1 readers

1 users here now

Catch-all for uncategorized or purely random content. Also, "random" items from the Fediverse may appear here.

founded 1 year ago

MODERATORS

debounced@kbin.run