GitLab
-
Blog
Europcar GitLab breach exposes data of up to 200,000 customers
A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 customers. The actor tried to extort the company by threatening to publish 37GB of data that includes backups and details about the company’s cloud infrastructure and internal…
Read More » -
Blog
GitLab patches critical authentication bypass vulnerabilities
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws. All flaws were addressed in GitLab CE/EE versions 17.7.7, 17.8.5, and 17.9.2, while all versions before those are vulnerable. GitLab.com is already patched, and GitLab Dedicated customers will be updated automatically, but users who maintain…
Read More » -
Blog
GitLab warns of critical arbitrary branch pipeline execution flaw
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, which is tracked as CVE-2024-9164, allows unauthorized users to trigger Continuous Integration/Continuous Delivery (CI/CD) pipelines on any branch of a repository. CI/CD pipelines are automated processes that perform tasks such as building, testing, and…
Read More » -
Blog
Everything you need to know about GitLab Duo Enterprise
GitLab Duo Enterprise is now generally available, giving users AI tools across every stage of software creation, which the company says will help users develop secure software faster. While the updates to the DevSecOps platform include code generation and code completion, including an autocomplete tool based on context, the aim is to give software engineers AI tools to aid the…
Read More »