CyberSecurityBoard
Sponsor Register Login

GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User

Security experts recommend that organizations running GitLab implement these updates as soon as possible, especially those using SAML authentication or considering enabling the Direct Transfer feature. The vulnerability can be exploited if an attacker-controlled authenticated user account attempts to transfer a maliciously-crafted project via the Direct Transfer feature, which is currently in beta stage and disabled by default for all self-managed GitLab instances. GitLab has acknowledged the work of security researcher “yvvdwf” who reported this vulnerability through their HackerOne bug bounty program, as well as Robert Mosolgo from ruby-graphql for collaboration on cross-vendor disclosure and remediation efforts. According to GitLab’s security advisory, an attacker with access to a valid signed SAML document from an Identity Provider (IdP) could exploit these vulnerabilities to authenticate as another legitimate user within the environment’s SAML IdP. These include enabling GitLab’s native two-factor authentication for all user accounts, disabling the SAML two-factor bypass option, and requiring administrative approval for automatically created new users by setting gitlab_rails[‘omniauth_block_auto_created_users’] = true in the configuration. The company has urged all self-managed GitLab installations to immediately upgrade to versions 17.9.2, 17.8.5, or 17.7.7 for both Community Edition (CE) and Enterprise Edition (EE) to address these security issues. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Additionally, GitLab has addressed CVE-2025-27407, a “High” severity vulnerability discovered in the Ruby graphql library. The patch releases include various bug fixes addressing issues such as search timeout problems with special characters, project repository logic, and improvements to development kit components. GitLab Dedicated customers have been advised that they do not need to take immediate action and will be notified once their instances have been patched automatically. She is covering various cyber security incidents happening in the Cyber Space. GitLab is already running the patched versions, meaning cloud users are protected from these vulnerabilities.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Mar 2025 09:00:08 +0000


Cyber News related to GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User

GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User - Security experts recommend that organizations running GitLab implement these updates as soon as possible, especially those using SAML authentication or considering enabling the Direct Transfer feature. The vulnerability can be exploited if an ...
8 months ago Cybersecuritynews.com CVE-2025-27407
GitLab warns of critical zero-click account hijacking vulnerability - GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the ...
1 year ago Bleepingcomputer.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
GitLab Fixes Password Reset Bug That Allows Account Takeover - GitLab is releasing a patch to fix a vulnerability in its email verification process that bad actors can exploit to reset user passwords and take over accounts. The flaw, CVE-2023-7028, was introduced in May 2023 in GitLab 16.1.0, in which a change ...
1 year ago Securityboulevard.com CVE-2023-7028 CVE-2023-5356
GitLab Security Update - Patch for Multiple Vulnerabilities in Community and Enterprise Edition - Both vulnerabilities were discovered by security researcher joaxcar through the HackerOne platform, highlighting the effectiveness of GitLab’s bug bounty program in identifying critical security flaws. These vulnerabilities collectively ...
3 months ago Cybersecuritynews.com CVE-2025-4700
GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed - Security Boulevard - In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It’s worth mentioning that the issue only impacts self-managed instances; therefore, users of GitLab Dedicated instances do not need to take any ...
1 year ago Securityboulevard.com CVE-2024-45409
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
1 year ago Go.theregister.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
CVE-2021-21411 - OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the ...
4 years ago
Critical GitLab bug lets attackers run pipelines as any user - A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based open-source software project management and work tracking ...
1 year ago Bleepingcomputer.com CVE-2024-5655 CVE-2024-4901 CVE-2024-4994 CVE-2024-6323
Critical GitLab flaw allows account takeover without user interaction, patch quickly! - A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords. Users who have two-factor authentication enabled on their account are safe from account takeover. CVE-2023-7028 was reported through ...
1 year ago Helpnetsecurity.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
GitLab Vulnerabilities Let Attackers Bypass Security Controls & Execute Arbitrary Code - GitLab has issued a security advisory warning of multiple high-risk vulnerabilities in its DevOps platform, including two critical Cross-Site Scripting (XSS) flaws enabling attackers to bypass security controls and execute malicious scripts in user ...
8 months ago Cybersecuritynews.com CVE-2025-0475 CVE-2025-0555
Critical GitLab Bug Threatens Software Development Pipelines - A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it released new versions of its Community and Enterprise ...
1 year ago Darkreading.com CVE-2024-5655 CVE-2023-7028
GitLab patches critical authentication bypass vulnerabilities - GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws. The two critical flaws GitLab addressed this time ...
8 months ago Bleepingcomputer.com CVE-2025-25291
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
CVE-2016-9086 - GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All ...
8 years ago
CVE-2021-41129 - Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not ...
1 year ago
GitLab Fixes High-Severity Vulnerabilities in Latest Security Update - GitLab has released a critical security update addressing multiple high-severity vulnerabilities that could potentially allow attackers to execute arbitrary code and escalate privileges. These vulnerabilities affect various GitLab components and pose ...
1 month ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346
Multiple GitLab Security Vulnerabilities Exposed - GitLab, a widely used DevOps platform, has recently disclosed multiple critical security vulnerabilities that could potentially allow attackers to execute arbitrary code, escalate privileges, and compromise sensitive data. These vulnerabilities ...
3 weeks ago Cybersecuritynews.com CVE-2024-12345 CVE-2024-12346 CVE-2024-12347
400+ IPs Actively Exploiting Multiple SSRF Vulnerabilities In The Wild - Organizations should take immediate steps to ensure they are not exposed to these attacks by patching affected systems against the exploited CVEs, including CVE-2020-7796 (Zimbra Collaboration Suite), CVE-2021-22214 (GitLab CE/EE), CVE-2021-39935 ...
8 months ago Cybersecuritynews.com CVE-2020-7796
Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
CERT-UA warns of malware campaign conducted by threat actor UAC-0006 - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Recent DarkGate campaign exploited ...
1 year ago Securityaffairs.com CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966 CVE-2023-3519
GitLab Releases Updates to Address Critical Vulnerabilities - In a newly released update, GitLab reports that it is releasing versions 16.7.2, 16.6.3, and 16.5.6 for GitLab Community Edition as well as Enterprise Edition in order to address a series of critical vulnerabilities. Two critical vulnerabilities, ...
1 year ago Darkreading.com CVE-2023-7028 CVE-2023-5356
GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content - The latest patch releases 18.1.2, 18.0.4, and 17.11.6 for both Community Edition (CE) and Enterprise Edition (EE) contain essential security fixes that require immediate attention from all self-managed GitLab administrators. These vulnerabilities ...
4 months ago Cybersecuritynews.com CVE-2024-12084
FBI warns of gift card fraud ring targeting retail companies - The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. Tracked as Storm-0539, this hacking group ...
1 year ago Bleepingcomputer.com
Strobes 2023 Pentesting Recap: Trends, Stats, and How PTaaS is Transforming Cybersecurity - This article covers some amazing statistics on what category of vulnerabilities we commonly report across 100s of customers, and how we reduce compliance times and turn around time to reporting critical vulnerabilities. In a different article, we ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)