CyberSecurity news

Bill Toulas, BleepingComputer
GitLab has released critical security updates, versions 17.9.2, 17.8.5, and 17.7.7, for both its Community Edition (CE) and Enterprise Edition (EE). These updates address multiple vulnerabilities, including critical authentication bypass flaws and a Remote Code Execution (RCE) threat. The most severe issues involve the ruby-saml library, which is used when SAML SSO authentication is enabled and whose flaws could let attackers compromise user accounts, and the Ruby graphql library, whose flaw could allow arbitrary code execution.

GitLab strongly recommends that all self-managed GitLab installations be upgraded immediately to one of these patched versions. GitLab.com is already running the updated version. GitLab Dedicated customers will be notified once their instances are patched, requiring no immediate action from them. The vulnerabilities addressed include CVE-2025-25291 and CVE-2025-25292, related to SAML SSO authentication bypass, and CVE-2025-27407, a high-severity remote code execution flaw.
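The upgrade guidance above boils down to a version check per maintained release line. The script below is an added example by the editor, not GitLab's own tooling: the fixed versions (17.9.2, 17.8.5, 17.7.7) and the CVE numbers are taken from the advisory text, while the version-comparison rules, the function names and the sample instance inventory are the editor's assumptions. It flags an instance as needing an upgrade when it sits below the fixed release on its own line or on an older line that received no fix, and it notes that the SAML bypasses only apply where SAML SSO is enabled while the graphql RCE applies regardless.

```python
"""Check whether a self-managed GitLab version carries the advisory's fixes.

Added example (editor's code, not GitLab's). The patched versions and CVE
numbers come from the advisory above; the version strings fed in below are
constructed for illustration.
"""
import re

# Patched release per maintained minor line, as named in the advisory.
PATCHED = {
    (17, 9): (17, 9, 2),
    (17, 8): (17, 8, 5),
    (17, 7): (17, 7, 7),
}
NEWEST_PATCHED = max(PATCHED.values())


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' (optional 'v' prefix, optional '-ce'/'-ee' suffix)."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)(?:-(?:ce|ee))?\s*$", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_patched(version_text):
    """Return (patched, reason) for a running version.

    Rules (editor's assumption, derived from the advisory):
      * on a line that received a fix (17.7, 17.8, 17.9): patched iff >= fixed release
      * newer than the newest fixed release (e.g. 17.10.x): treated as patched
      * older line (17.6 and below): unpatched, since no fix was issued for it
    """
    v = parse_version(version_text)
    line = v[:2]
    if line in PATCHED:
        fixed = ".".join(map(str, PATCHED[line]))
        if v >= PATCHED[line]:
            return True, f"{version_text} is at or above fixed release {fixed}"
        return False, f"{version_text} is below fixed release {fixed}; upgrade"
    if v > NEWEST_PATCHED:
        return True, f"{version_text} is newer than every fixed release in the advisory"
    return False, f"{version_text} is on a line with no fixed release; move to a patched line"


def triage(version_text, saml_sso_enabled):
    """Combine the version check with the SAML exposure note from the advisory.

    The ruby-saml bypasses (CVE-2025-25291, CVE-2025-25292) only matter when
    SAML SSO is enabled; the graphql RCE (CVE-2025-27407) applies regardless,
    so an unpatched instance is flagged either way and the flag only changes
    the listed exposure.
    """
    patched, reason = is_patched(version_text)
    if patched:
        return "ok", reason
    exposure = ["CVE-2025-27407 (RCE)"]
    if saml_sso_enabled:
        exposure.insert(0, "CVE-2025-25291/CVE-2025-25292 (SAML auth bypass)")
    return "upgrade", f"{reason}; exposed to {', '.join(exposure)}"


if __name__ == "__main__":
    # Constructed sample inventory: (instance name, version, SAML SSO enabled)
    inventory = [
        ("ci-prod", "17.9.1-ee", True),
        ("ci-dev", "17.8.5-ce", False),
        ("legacy", "17.6.3", True),
        ("staging", "17.10.0", False),
    ]
    for name, version, saml in inventory:
        status, why = triage(version, saml)
        print(f"{name:8} {status:8} {why}")
```

Instances on a line newer than 17.9 are treated as patched on the assumption that later releases include the fix; confirm against GitLab's own release notes for the line you run rather than relying on that assumption alone.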


References:
  • Security Risk Advisors: GitLab Releases Critical Patches for Multiple Vulnerabilities in Versions 17.9.2, 17.8.5, and 17.7.7
  • SecurityAffairs: GitLab addressed critical flaws in CE and EE
  • SOCRadar: GitLab Security Update: Critical Authentication & RCE Flaws Demand Immediate Action
  • BleepingComputer: GitLab patches critical authentication bypass vulnerabilities
  • Rescana: Cybersecurity Report on GitLab Security Updates: Critical Vulnerability Mitigations for Versions 17.9.2, 17.8.5, and 17.7.7
Classification:
  • HashTags: #GitLab #SecurityPatch #Vulnerability
  • Company: GitLab
  • Target: GitLab Users
  • Product: GitLab
  • Feature: Authentication Bypass
  • Malware: ruby-saml
  • Type: ProductUpdate
  • Severity: Critical