The Auth0 integration in GitLab prior to 10.3.9, 10.4.x prior to 10.4.6, and 10.5.x prior to 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
debian debian linux 9.0 |