A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. A newly disclosed vulnerability in GitLab Duo ...
GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The vendor ...
Researchers managed to trick GitLab’s AI-powered coding assistant to display malicious content to users and leak private source code by injecting hidden prompts in code comments, commit messages and ...