GitLab warns of high-severity 2FA bypass, denial-of-service flaws

GitLab has patched a high-severity two-factor authentication bypass impacting community and enterprise editions of its ...
CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.
Dark Reading

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

A critical security vulnerability in GitLab is under active attack, according to CISA. It allows bad actors to send password reset emails for any account to an email address of their choice, thus ...
新浪网

GitLab将停止为中国区用户提供服务,建议迁移到极狐,不迁或被删账号

【TechWeb】12月23日消息,有开发者用户在社区发言称,在登录代码托管平台 GitLab Global 国际站后个人主页显示了一则重要通知《Important Change to Your GitLab.com Account》, 宣布将不再为位于中国大陆、澳门和香港的用户提供 GitLab.com 账户服务。平台建议受影响的用户将 ...
Bleeping Computer

GitLab security update fixes critical account take over flaw

GitLab has released a critical security update for multiple versions of its Community and Enterprise Edition products to address eight vulnerabilities, one of which allows account takeover. GitLab is ...
Seeking Alpha

Over 5,300 GitLab servers vulnerable to zero-click account takeover flaw - Bleeping Computer

More than 5,300 internet-exposed GitLab (NASDAQ:GTLB) servers are at risk to CVE-2023-7028, a zero-click account takeover flaw the company had warned about earlier, technology news site Bleeping ...