The Hacker News - GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week. The
from The Hacker News https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
from The Hacker News https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
Comments
Post a Comment