GitLab Patches Critical Account Takeover Vulnerability
April 4, 2022, 10:54 a.m. | Ionut Arghire
SecurityWeek RSS Feed www.securityweek.com
DevOps platform GitLab has reset the passwords of some user accounts after addressing a critical account takeover vulnerability.
According to the company, in GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 14.7.7, 14.8.5, and 14.9.2, a hardcoded password was set when an account was registered using an OmniAuth provider.