GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...
GitLab Secrets Manager, now in public beta, scopes credentials to individual jobs and governs access through the same controls used for code. Developer Flow now handles the full merge request ...
The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched. A critical two-factor authentication bypass vulnerability in the Community ...
Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andy Brinkmeyer shares how engineering ...