GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE).
Threat update
A critical vulnerability in GitLab, labeled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA).