Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.GITLAB_CVE-2021-22214.NBINHistoryAug 11, 2021 - 12:00 a.m.
GitLab 10.5 < 13.10.5 / 13.11 < 13.11.5 / 13.12 < 13.12.2 (CVE-2021-22214)
2021-08-1100:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
154
8.5 High
AI Score
Confidence
High
The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited (CVE-2021-22214)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
Binary data gitlab_cve-2021-22214.nbinRelated
osv
osv
BIT-gitlab-2021-22214
2024-03-06 11:19:53
CVE-2021-22214
2021-06-08 15:15:07
veracode
veracode
Server-Side Request Forgery (SSRF)
2023-08-06 14:35:33
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Gitlab
2021-11-01 04:04:42
Exploit for Server-Side Request Forgery in Gitlab
2021-06-22 03:04:50
Exploit for Server-Side Request Forgery in Gitlab
2022-01-04 05:52:57
prion
prion
Server side request forgery (ssrf)
2021-06-08 15:15:00
debiancve
debiancve
CVE-2021-22214
2021-06-08 15:15:00
cve
cve
CVE-2021-22214
2021-06-08 15:15:00
ubuntucve
ubuntucve
CVE-2021-22214
2024-04-30 00:00:00
nuclei
nuclei
Gitlab CE/EE 10.5 - Server-Side Request Forgery
2021-06-17 12:43:03
archlinux
archlinux
[ASA-202106-21] gitlab: multiple issues
2021-06-09 00:00:00