CVE-2019-5464

Опубликовано: 28 янв. 2020

Источник: debian

EPSS Низкий

Описание

A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	11.11.7+dfsg-1	experimental	package
gitlab	fixed	12.6.8-3		package

Примечания

https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/

EPSS

Процентиль: 62%

0.0043

Низкий

Связанные уязвимости

CVE-2019-5464

CVSS3: 9.8

ubuntu

около 6 лет назад

A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.

CVE-2019-5464

CVSS3: 9.8

nvd

около 6 лет назад

A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.

GHSA-4736-r24c-m444

github

больше 3 лет назад

A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.

EPSS

Процентиль: 62%

0.0043

Низкий