eWeek

Duo Security Discloses SAML Single Sign On Vulnerabilities

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Duo Security reported on Feb. 27 that it discovered a ...
heise online

Critical SAML login vulnerability with maximum score jeopardizes Gitlab server

Admins of self-hosted Gitlab instances should update their servers quickly. Due to a"critical" security vulnerability, access may be possible without logging in. In a warning message, the developers ...
Bleeping Computer

SAML Vulnerability Lets Attackers Log in as Other Users

Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows ...
heise online

Security vulnerabilities: Gitlab developers advise rapid update

According to a warning message, two vulnerabilities (CVE-2025-25291, CVE-2025-25292) are considered “critical”. However, systems are only vulnerable if authentication via SAML SSO is active and ...