InfoWorld

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched. A critical two-factor authentication bypass vulnerability in the Community ...
heise online

Critical SAML login vulnerability with maximum score jeopardizes Gitlab server

Admins of self-hosted Gitlab instances should update their servers quickly. Due to a"critical" security vulnerability, access may be possible without logging in. In a warning message, the developers ...