GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andy Brinkmeyer shares how engineering ...
Moving forward on AI, GitLab is offering a public beta of GitLab Duo Agent Platform, a devsecops orchestration platform intended to unlock asynchronous collaboration between developers and AI agents.
GitLab Secrets Manager, now in public beta, scopes credentials to individual jobs and governs access through the same controls used for code. Developer Flow now handles the full merge request ...
GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. The GitLab DevSecOps platform has ...
A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...
Git isn't hard to learn, and when you combine Git with GitLab, you've made it a whole lot easier to share code and manage a common Git commit history with the rest of your team. This tutorial shows ...