Critical GitLab bug lets attackers run pipelines as any user
A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user.
Over 5,300 GitLab servers exposed to zero-click account takeover attacks
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.