GHSA-237m-vv9j-66q2

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.

Ссылки

EPSS

Процентиль: 36%

0.00145

Низкий

CVE ID

CVE-2021-39867

Дефекты

CWE-918

Связанные уязвимости

CVE-2021-39867

CVSS3: 6.5

ubuntu

почти 4 года назад

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.

CVE-2021-39867

CVSS3: 6.5

nvd

почти 4 года назад

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.

CVE-2021-39867

CVSS3: 6.5

debian

почти 4 года назад

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vu ...

EPSS

Процентиль: 36%

0.00145

Низкий

CVE ID

CVE-2021-39867

Дефекты

CWE-918