First published: Mon Sep 16 2019(Updated: )
An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=10.1.0<12.0.8 | |
GitLab GitLab | >=10.1.0<12.0.8 | |
GitLab GitLab | >=12.1.0<12.1.8 | |
GitLab GitLab | >=12.1.0<12.1.8 | |
GitLab GitLab | >=12.2.0<12.2.3 | |
GitLab GitLab | >=12.2.0<12.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.