Heads up everyone! 10/10 in GitLab:

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

The vendor strongly recommends updating as soon as possible all vulnerable versions of the DevSecOps platform (manual update required for self-hosted installations) and warns that if there is "no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected.”

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

You must log in or register to comment.

Chat

SpaceLifeForm@infosec.exchange
link
fedilink
arrow-up
1·
8 months ago
@briankrebs@infosec.exchange

Stick to resd-only for now.
Rob Bos@mastodon.novylen.net
link
fedilink
arrow-up
1·
8 months ago
@briankrebs@infosec.exchange Thank you, this was timely and I really appreciate these notices.

random@kbin.run

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !random@kbin.run

Catch-all for uncategorized or purely random content. Also, “random” items from the Fediverse may appear here.

Rules

Do not post or link to any illegal and/or copyrighted material.

Any sensitive or inappropriate submissions will be removed.

Be respectful of other people’s opinions and behave yourselves.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
39 users / week
39 users / month
1 user / 6 months
1 local subscriber
1 subscriber
705 Posts
1.51K Comments
Modlog

mods:
debounced@kbin.run