GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability

GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthorized external users to perform Server Side Requests via the CI Lint API...

Linux Distros Unpatched Vulnerability : CVE-2021-39935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...

CVE-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

VulnCheck KEV: CVE-2021-39935

GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthorized external users to perform Server Side Requests via the CI Lint API...

PT-2025-1718 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.0 through 17.6.3 GitLab CE/EE versions 17.7 through 17.7.2 GitLab CE/EE versions 17.8 through 17.8.0 Description: An issue has been discovered in GitLab CE/EE that affects users with a developer role, allowing them to...

BIT-GITLAB-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

CVE-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

CVE-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

Design/Logic Flaw

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

CVE-2021-39935

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API...

CVE-2021-39935

Removed by vendor...

PT-2021-22774

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 10.5 through 14.3.5 GitLab CE/EE versions 14.4 through 14.4.3 GitLab CE/EE versions 14.5 through 14.5.1 Description An issue has been discovered in GitLab CE/EE where unauthorized external users could perform Server Side...

FreeBSD : Gitlab -- Multiple Vulnerabilities (5f52d646-c31f-11eb-8dcf-001b217b3468)

Gitlab reports : Stealing GitLab OAuth access tokens using XSLeaks in Safari Denial of service through recursive triggered pipelines Unauthenticated CI lint API may lead to information disclosure and SSRF Server-side DoS through rendering crafted Markdown documents Issue and merge request length...