all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

5379 GitLab Servers are Vulnerable to Zero-Click Account Takeover Attacks

Add to bookmarks
Jan. 25, 2024, 1:07 p.m. | Eswar

Cyber Security News cybersecuritynews.com

GitLab has released important security fixes for versions 16.7.2, 16.6.4, and 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). The fixes include multiple bugs, including a critical account takeover vulnerability that does not require user interaction. However, other fixes were approval and removal bypass from CODEOWNERS, execution of slash commands by abusing Slack/Mattermost […]


The post 5379 GitLab Servers are Vulnerable to Zero-Click Account Takeover Attacks appeared first on Cyber Security News.

16.7 account account takeover account takeover attacks attacks bugs bypass click community critical cyber security enterprise fixes gitlab important security servers takeover vulnerabilities vulnerability vulnerable zero-click

Visit resource

More from cybersecuritynews.com / Cyber Security News

Akamai to Acquire API Security Startup Noname for $450 Million 2 hours ago | cybersecuritynews.com
acquisition akamai akamai technologies api +17
Hunters Announces Full Adoption of OCSF and Introduces OCSF-Native Search 13 hours ago | cybersecuritynews.com
adoption advancement ceo cyber security +20
NCA Reveals Identity of LockBit Ransomware Group Leader 15 hours ago | cybersecuritynews.com
agency alias control crime +22
HijackLoader Using Weaponized PNG Files To Deliver Multiple Malware 16 hours ago | cybersecuritynews.com
amadey bypass cyber-attack cyber security +20
Yoast SEO Plugin XSS Flaw Exposes 5 Million+ WordPress Websites to Attack 16 hours ago | cybersecuritynews.com
attack bounty bug bug bounty +24
MITRE Shares Details on Nation-State Hackers’ Intrusion into Research Network 17 hours ago | cybersecuritynews.com
actor centers chinese compromised +22
Oracle Weblogic Server Flaw Allows Attackers Full Control – PoC Released 17 hours ago | cybersecuritynews.com
attackers code code execution control +22
Microsoft Defender XDR Expanded to Malicious OAuth Apps With the Power of AI 19 hours ago | cybersecuritynews.com
advanced ai-powered and response applications +26
Beware! 150+ SSH Accounts With Root Access Advertised On Hacker Forums 19 hours ago | cybersecuritynews.com
access accounts cyber security cybersecurity +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Problem Manager

@ Deutsche Bank | Bucharest
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, VA, Chantilly (15009 Conference Ctr Dr)
View on infosec-jobs.com

Senior Account Executive - Cybersecurity

@ OpenText | Virtual, CA
View on infosec-jobs.com

Grants Compliance Senior Specialist

@ Plan International | Bamako, Mali
View on infosec-jobs.com

Sr. Cybersecurity Engineer- Tenable

@ phia, LLC | Arlington, VA
View on infosec-jobs.com

Portfolio Manager- Enterprise Information Security Auditing

@ American Chemical Society | Columbus, OH, US, 43202
View on infosec-jobs.com
View more jobs