In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.
CPE | Name | Operator | Version |
---|---|---|---|
gitlab | eq | 6.6.1 | |
gitlab | eq | 10.6.0.pre | |
gitlab | eq | 10.9.0.pre | |
gitlab | eq | 8.12.0-rc7 | |
gitlab | eq | 8.12.0-rc3 | |
gitlab | eq | 11.3.0.pre | |
gitlab | eq | 6.4.1 | |
gitlab | eq | 6.7.0-ee | |
gitlab | eq | 9.1.0.pre | |
gitlab | eq | 8.12.0-rc2 |