CVE-2022-0425

Опубликовано: 01 апр. 2022

Источник: ubuntu

Приоритет: medium

CVSS2: 6.5

CVSS3: 5.4

Описание

A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks.

Релиз	Статус	Примечание
esm-apps/xenial	ignored	not maintainable
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

6.5 Medium

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2022-0425

CVSS3: 5.4

nvd

почти 4 года назад

A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks.

GHSA-rfc5-457g-gpqm

CVSS3: 7.6

github

почти 4 года назад

A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks.

6.5 Medium

CVSS2

5.4 Medium

CVSS3

CVE-2022-0425

Описание

Пакет gitlab

Ссылки на источники

Связанные уязвимости