GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
19 September 2024
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.
The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed by the maintainers last week.
The