7 matches found
CVE-2021-22175
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled...
GitLab 10.5 < 13.6.7 / 13.7 < 13.7.7 / 13.8 < 13.8.4 (CVE-2021-22175)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an...
CVE-2021-22175
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled...
CVE-2021-22175
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled...
CVE-2021-22175
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled...
CVE-2021-22175
GitLab’s SSRF vulnerability (CVE-2021-22175) affects GitLab CE/EE 10.5 and later when internal-network webhook requests are enabled. An unauthenticated attacker could trigger arbitrary internal requests via crafted webhook calls. The connected sources (Nuclei templates and Nessus/NASL entries) co...
CVE-2021-22175
Removed by vendor...