You are currently viewing GitLab Updates Fix Static Password Flaw

GitLab Updates Fix Static Password Flaw

GitLab has released updates for GitLab Community Edition (CE) and Enterprise Edition (EE) software to address 17 vulnerabilities. The updates include a fix for a critical flaw that arose from “a hardcoded password [being] set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2.” More https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/