GitLab Security Team

Recent posts

Improving OAuth ROPC security on GitLab.com

GitLab.com is improving the security of OAuth Resource Owner Password Credentials (ROPC) by requiring client authentication, effective April 8, 2025.

Security

Unmasking password attacks at GitLab

Our security team has identified an increased volume of password attacks against GitLab.com on the OAuth API endpoint since September 22, 2023. Learn more.

Security

New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them

Learn how to identify your risk for CVE-2022-3786 and CVE-2022-3602.

Ready to get started?

See what your team could do with a unified DevSecOps Platform

Get free trial

Find out which plan works best for your team

Learn about pricing

Learn about what GitLab can do for your team

Talk to an expert

GitLab Security Team

Recent posts

Improving OAuth ROPC security on GitLab.com

Unmasking password attacks at GitLab

New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them

Ready to get started?

Pricing

Contact Us

Product

Topics

Solutions

Resources

Company

GitLab Security Team

Recent posts

Improving OAuth ROPC security on GitLab.com

Unmasking password attacks at GitLab

New OpenSSL 3.0 vulnerabilities: What you need to know to find and fix them

Stay in the know with GitLab's monthly newsletter

Ready to get started?