FlagThis

GitLab has released critical security updates to address multiple vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE) platforms. The updates, included in versions 17.9.2, 17.8.5, and 17.7.7, fix nine vulnerabilities. Two of these are critical authentication bypass flaws (CVE-2025-25291 and CVE-2025-25292) within the ruby-saml library, used when SAML SSO authentication is enabled at the instance or group level. GitLab has already patched GitLab.com and will update GitLab Dedicated customers, but self-managed installations require immediate manual updates.

Exploitation of these flaws could allow attackers with access to a legitimate signed SAML document from an identity provider to impersonate any valid user, potentially leading to unauthorized access to sensitive repositories and data breaches. The issue stems from differences in XML parsing between REXML and Nokogiri. GitLab strongly advises all affected installations to upgrade to the latest versions as soon as possible to mitigate potential risks. Other vulnerabilities that were addressed are CVE-2025-27407, a high severity Ruby graphql vulnerability.

ImgSrc: www.bleepstatic

References :

• Security Risk Advisors: GitLab Releases Critical Patches for Multiple Vulnerabilities in Versions 17.9.2, 17.8.5, and 17.7.7
• securityaffairs.com: GitLab addressed critical flaws in CE and EE
• socradar.io: GitLab Security Update: Critical Authentication & RCE Flaws Demand Immediate Action
• The DefendOps Diaries: GitLab's Critical Vulnerability Fixes: What You Need to Know
• BleepingComputer: GitLab patches critical authentication bypass vulnerabilities

Classification:

• HashTags: #GitLab #AuthenticationBypass #SecurityUpdate
• Company: GitLab
• Target: GitLab users
• Product: GitLab CE/EE
• Feature: Authentication Bypass
• Malware: CVE-2025-25291 & CVE-2025-25292
• Type: Vulnerability
• Severity: Critical