GitLab

  • Blog

    GitLab patches critical authentication bypass vulnerabilities

    GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, including two critical-severity authentication bypass flaws in the ruby-saml library. All flaws were addressed in GitLab CE/EE versions 17.7.7, 17.8.5, and 17.9.2, while all versions before those are vulnerable. GitLab.com is already patched, and GitLab Dedicated customers will be updated automatically, but users who maintain…

  • Blog

    GitLab warns of critical arbitrary branch pipeline execution flaw

    GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, which is tracked as CVE-2024-9164, allows unauthorized users to trigger Continuous Integration/Continuous Delivery (CI/CD) pipelines on any branch of a repository. CI/CD pipelines are automated processes that perform tasks such as building, testing, and…

  • Blog

    Everything you need to know about GitLab Duo Enterprise

    GitLab Duo Enterprise is now generally available, giving users AI tools across every stage of software creation, which the company says will help users develop secure software faster. While the updates to the DevSecOps platform include code generation and code completion, including an autocomplete tool based on context, the aim is to give software engineers AI tools to aid the…
