1,400 GitLab Servers Impacted By Exploited Vulnerability

Cybersecurity

3 minutes

May 9, 2024

Recently, a critical vulnerability in GitLab servers allowed attackers to take over accounts by having password reset emails sent to unverified email addresses. It affected multiple versions of GitLab, and although patches were released in January 2024, there was evidence that attackers were actively exploiting the flaw.

“GitLab patched the security defect in January 2024, warning that GitLab Community Edition (CE) and Enterprise Edition (EE) versions 16.1 to 16.7.1 are affected. Fixes were included in GitLab versions 16.5.6, 16.6.4, and 16.7.2 and backported to versions 16.1.6, 16.2.9, 16.3.7, and 16.4.5. GitLab said at the time that it had not observed in-the-wild exploitation of CVE-2023-7028, but CISA on Wednesday added the bug to its Known Exploited Vulnerabilities (KEV) Catalog, saying it has evidence of active exploitation. SecurityWeek has not seen other reports of CVE-2023-7028 being targeted in attacks.”
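
The version numbers in the quote above are what a defender actually needs when checking a fleet of self-managed GitLab instances. The script below is an added example, not code from the article, SecurityWeek or GitLab: it encodes the affected range (16.1 through 16.7.1) and the per-branch fixed releases (16.1.6, 16.2.9, 16.3.7, 16.4.5, 16.5.6, 16.6.4, 16.7.2) as stated above, and classifies each host in a constructed `hostname,version` inventory as vulnerable, patched or not affected. The inventory format, the hostnames and the function names are assumptions made for the example.

```python
"""
Version triage for CVE-2023-7028 on self-managed GitLab CE/EE.

The affected range (16.1 through 16.7.1) and the fixed/backported releases
(16.1.6, 16.2.9, 16.3.7, 16.4.5, 16.5.6, 16.6.4, 16.7.2) are taken from the
article; the inventory lines below are constructed sample data, not real hosts.
"""
from __future__ import annotations

import re

Version = tuple[int, int, int]

# Minor branch -> first release on that branch that carries the fix.
FIXED_BY_BRANCH: dict[tuple[int, int], Version] = {
    (16, 1): (16, 1, 6),
    (16, 2): (16, 2, 9),
    (16, 3): (16, 3, 7),
    (16, 4): (16, 4, 5),
    (16, 5): (16, 5, 6),
    (16, 6): (16, 6, 4),
    (16, 7): (16, 7, 2),
}

AFFECTED_FROM: Version = (16, 1, 0)   # 16.1 is the first affected minor
LAST_AFFECTED_BRANCH = (16, 7)        # 16.7.1 is the last affected release

# Accepts "16.4.5", "v16.4.5" and edition-tagged forms such as "16.4.5-ee".
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Parse an X.Y.Z version string; the edition suffix is ignored."""
    m = _VERSION_RE.match(text)
    if m is None:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def assess(version: str) -> str:
    """Return 'vulnerable', 'patched' or 'not-affected' for one version."""
    v = parse_version(version)
    branch = (v[0], v[1])
    if v < AFFECTED_FROM or branch > LAST_AFFECTED_BRANCH:
        return "not-affected"            # 16.0.x and older, or 16.8 and newer
    fixed = FIXED_BY_BRANCH[branch]      # every branch 16.1 .. 16.7 has a fix
    return "patched" if v >= fixed else "vulnerable"


def triage(inventory: str) -> dict[str, str]:
    """Map 'hostname,version' inventory lines to a status per host.

    Unparseable version strings are reported as 'unknown' rather than skipped,
    so a malformed record never silently drops a host from the review list.
    """
    result: dict[str, str] = {}
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        try:
            result[host.strip()] = assess(version)
        except (ValueError, KeyError):
            result[host.strip()] = "unknown"
    return result


def vulnerable_hosts(inventory: str) -> list[str]:
    """Hosts that still run an affected, unfixed release."""
    return sorted(h for h, s in triage(inventory).items() if s == "vulnerable")


# Constructed sample inventory (hypothetical hostnames).
SAMPLE_INVENTORY = """\
# host,version
git-a.example.test,16.7.1
git-b.example.test,16.7.2
git-c.example.test,v16.4.5-ee
git-d.example.test,16.4.4-ce
git-e.example.test,16.0.9
git-f.example.test,16.8.0
git-g.example.test,unknown
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:24s} {status}")
```

The branch lookup matters because a naive range check would flag 16.5.6 as vulnerable (it is below 16.7.1) even though it is a fixed backport. A version string only tells you whether a host still needs the patch; it says nothing about whether the instance was targeted before it was updated, which is a separate question for the incident response side.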

Fr0ntierX offers cybersecurity and access management solutions by utilizing artificial intelligence to secure and protect sensitive data throughout its lifecycle. Our comprehensive and multilayered approach prioritizes user privacy while continuing to provide granular-level insights and analytics for strategic decision making. With features including multifactor authentication, advanced encryption, biometrics, and more, Fr0ntierX ensures actionable insights without ever compromising personal information and data security.

Cybersecurity | Access Management | Artificial Intelligence | Data Protection | User Privacy | Data Analytics | Decision Making | Multifactor Authentication | Encryption | Biometrics | Actionable Insights | Fr0ntierX

© 2025 Fr0ntierX Inc. All rights reserved. Janus, Polaris, and the Janus and Polaris logos are trademarks of Fr0ntierX Inc.