When CISA adds a vulnerability to its Known Exploited Vulnerabilities (KEV) list, it means all federal civilian executive branch (FCEB) agencies usually have a maximum of 21 days to fix the issue to prevent harmful attacks on the government.
Starting in version 16.1.0, released May 1, 2023, a change was introduced that allowed users to reset their GitLab account passwords using a different email address, and a bug in the verification process opened up the vulnerability.
[
add
]
[
|
|
...
]