CVE-2021-39927

Опубликовано: 18 янв. 2022

Источник: ubuntu

Приоритет: low

CVSS2: 3.5

CVSS3: 3.5

Описание

Server side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.4, between 14.5.0 and 14.5.2, and between 14.6.0 and 14.6.1 would fail to protect against attacks sending requests to localhost on port 80 or 443 if GitLab was configured to run on a port other than 80 or 443

Релиз	Статус	Примечание
esm-apps/xenial	ignored	not maintainable
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

3.5 Low

CVSS2

3.5 Low

CVSS3

Связанные уязвимости

CVE-2021-39927

CVSS3: 3.5

nvd

около 4 лет назад

CVE-2021-39927

CVSS3: 3.5

debian

около 4 лет назад

Server side request forgery protections in GitLab CE/EE versions betwe ...

GHSA-76g9-63cr-m776

CVSS3: 4.3

github

около 4 лет назад

Server side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.x, between 14.5.0 and 14.5.x, and between 14.6.0 and 14.6.x would fail to protect against attacks sending requests to localhost on port 80 or 443 if GitLab was configured to run on a port other than 80 or 443

3.5 Low

CVSS2

3.5 Low

CVSS3

CVE-2021-39927

Описание

Пакет gitlab

Ссылки на источники

Связанные уязвимости