Commit 59ebcaf0 authored by Adil Farrukh

Clarify vuln is SAML only for critical patch

parent 09695cd7
1 merge request: !136276 Clarify vuln is SAML only for critical patch
......@@ -50,7 +50,8 @@ When no specific deployment type (omnibus, source code, helm chart, etc.) of a p
 
### SAML authentication bypass
 
Updates dependencies `omniauth-saml` to version 2.2.1 and `ruby-saml` to 1.17.0 to mitigate [CVE-2024-45409](https://nvd.nist.gov/vuln/detail/CVE-2024-45409).
Updates dependencies `omniauth-saml` to version 2.2.1 and `ruby-saml` to 1.17.0 to mitigate [CVE-2024-45409](https://nvd.nist.gov/vuln/detail/CVE-2024-45409). This security vulnerability applies only to instances which
have configured SAML based authentication.
 
#### Self Managed GitLab: Known Mitigations
 
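Review bot: In the added sentence after the CVE link, "instances which have configured SAML based authentication" should read "instances that have configured SAML-based authentication", and the hard line break after "which" splits the sentence mid-clause while the rest of the paragraph stays on one line; put the new sentence on a single line of its own. Since the scope statement decides whether a reader needs to act on this section at all, consider leading the paragraph with it rather than appending it after the dependency versions.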