Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
N/A
Vulnerability Title
GitLab 代码问题漏洞
Vulnerability Description
GitLab是美国GitLab公司的一款使用Ruby on Rails开发的、自托管的、Git(版本控制系统)项目仓库应用程序。该程序可用于查阅项目的文件内容、提交历史、Bug列表等。 GitLab 存在代码问题漏洞,该漏洞源于在 GitLab CE/EE 8.15 之后的所有版本中,Gitea Importer 中的 DNS 重新绑定漏洞可能会被攻击者利用来触发服务器端请求伪造 (SSRF) 攻击。
CVSS Information
N/A
Vulnerability Type
N/A