GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.

Community driven content discussing all aspects of software development from DevOps to design patterns. In previous tutorials we explored how to perform a GitLab clone and pull files from a GitLab ...

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...

A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it ...

Agentic SAST Vulnerability Resolution is now generally available, automatically generating ready-to-merge code fixes and helping resolve vulnerabilities before they reach production. Two new agents in ...

GitLab CI/CD, when paired with best practices and tools like Docker Runners and quality gates, can dramatically speed up deployments while improving code quality and security. From committing early to ...