GitLab releases fix for critical SAML authentication bypass flaw
September 18, 2024 at 02:43PM GitLab has released security updates for a critical SAML authentication bypass vulnerability affecting self-managed installations of GitLab CE and EE. The flaw arises from a problem in the OmniAuth-SAML and Ruby-SAML libraries, allowing attackers to gain unauthorized access. GitLab strongly recommends immediate upgrades and suggests enabling two-factor authentication as a … Read more