Dark Reading

GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln

For the second time in less than a month GitLab has users scrambling to address a critical vulnerability in the community and enterprise editions of its DevOps ...
Embedded

How to define your ideal embedded CI/CD pipeline

In my earlier post, How to define your ideal embedded build system, we discussed build systems and how important it is to define your modern embedded build system. A build system forms the foundation ...
TechRepublic

GitLab CI/CD Tool Review

We review the continuous integration and delivery tool, GitLab CI/CD. Learn more about its features, pros, and pricing. GitLab CI/CD is a DevOps automation tool that helps software developers automate ...
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
Bleeping Computer

GitLab: Critical bug lets attackers run pipelines as other users

GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. The GitLab DevSecOps platform has ...