Bleeping Computer

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. The critical (CVSS score: 10.0) flaw allows ...
Bleeping Computer

Over 30,000 GitLab servers still unpatched against critical bug

A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments remaining unpatched. The vulnerability is tracked as ...
GIGAZINE

GitLab server turns out to be exploited for DDoS attacks above 1Tbps

a malicious person has launched a DDoS attack exceeding 1 Tbps by exploiting a vulnerability existing in a user-hosted GitLab server. A patch for the problem was released in April 2021, but there are ...
heise online

Please patch! Security update fixes critical vulnerability in GitLab

The operators of GitLab have published critical patch releases for the version control platform. The vulnerabilities fixed in versions 17.1.1, 17.0.3 and 16.11.5 affect both the Community Edition (CE) ...