GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.
The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.
TheRead More
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions [email protected] (The Hacker News)
by
Tags: