GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
A critical vulnerability in GitLab’s AI-powered coding assistant, Duo, has exposed private source code repositories to theft through a sophisticated indirect prompt injection attack, cybersecurity ...
Moving forward on AI, GitLab is offering a public beta of GitLab Duo Agent Platform, a devsecops orchestration platform intended to unlock asynchronous collaboration between developers and AI agents.
A new vulnerability in GitLab’s Ultimate Enterprise Edition used for managing source code is “dangerous” and needs to be quickly patched, says an expert. The vulnerability, CVE-2025-5121, is one of 10 ...
GitLab Secrets Manager, now in public beta, scopes credentials to individual jobs and governs access through the same controls used for code. Developer Flow now handles the full merge request ...