Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A critical auth bypass flaw in GitLab has been reported, with exploit code released. The vulnerability is identified as CVE-2024-45409, but it is unclear if this issue is related to other recently disclosed security flaws in various products, including a WordPress OAuth SSO plugin and a Gitea Docker image. Security updates have been released by GitLab and other companies to fix various vulnerabilities, including 2FA bypass and denial-of-service flaws.
Full coverage
12345678