Design/Logic Flaw

2020-03-2719:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.

CPENameOperatorVersion
gitlabge8.10.0
gitlablt12.9.1
gitlabge8.10.0
gitlablt12.9.1

Name	Operator	Version
gitlab	ge	8.10.0
gitlab	lt	12.9.1
gitlab	ge	8.10.0
gitlab	lt	12.9.1

References

about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/

about.gitlab.com/releases/categories/releases/