heise online

Critical SAML login vulnerability with maximum score jeopardizes Gitlab server

Admins of self-hosted Gitlab instances should update their servers quickly. Due to a"critical" security vulnerability, access may be possible without logging in. In a warning message, the developers ...
heise online

Security patch: Gitlab fixes vulnerabilities in server versions

Three current versions fix the vulnerabilities, namely 17.3.2, 17.2.5 and 17.1.7 for the respective version trees of GitLab CE and EE. Administrators of self-hosted server versions should make sure to ...