👩💻 Join our community of thousands of amazing developers!
We want to share the actions we’ve taken in response to the critical Rubygems ‘Unauthorized gem takeover for some gems’ vulnerability (CVE-2022-29176). Upon becoming aware of the vulnerability within Rubygems.org, we immediately began our investigation and contacted Rubygems who quickly patched the vulnerability. Our Security team tested the usage of gems within our product and across our company and found gems within GitLab from rubygems.org were no longer vulnerable. At this time, no malicious...