random

1 readers

57 users here now

Catch-all for uncategorized or purely random content. Also, "random" items from the Fediverse may appear here.

Rules

Do not post or link to any illegal and/or copyrighted material.

Any sensitive or inappropriate submissions will be removed.

Be respectful of other people's opinions and behave yourselves.

founded 1 year ago

MODERATORS

[email protected]

Heads up everyone! 10/10 in GitLab: (infosec.exchange)

submitted 10 months ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Heads up everyone! 10/10 in GitLab:

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

The vendor strongly recommends updating as soon as possible all vulnerable versions of the DevSecOps platform (manual update required for self-hosted installations) and warns that if there is "no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected.”

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 1 points 10 months ago

@[email protected]

Stick to resd-only for now.

[–] [email protected] 1 points 10 months ago

@[email protected] Thank you, this was timely and I really appreciate these notices.