GitLab Warns of Max Severity Authentication Bypass Bug

September 19, 2024 at 05:16PM

Organizations using self-hosted GitLab instances with SAML-based authentication are advised to urgently update to the latest versions due to a severe bug (CVE-2024-45409) allowing attackers to bypass authentication checks and gain unauthorized access. GitLab has already updated managed instances but urges self-managed installations to patch immediately to mitigate the vulnerability. …

GitLab Ships Update for Critical Pipeline Execution Vulnerability

July 11, 2024 at 10:48AM

GitLab has released security updates to address six vulnerabilities in GitLab CE and EE, including a critical-severity bug (CVE-2024-6385) allowing an attacker to trigger a pipeline as another user. The updates also address a medium-severity bug and four low-severity flaws. Users are advised to update their instances promptly due to …