Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
GitLab代码问题漏洞
Vulnerability Description
GitLab是美国GitLab公司的一个开源的端到端软件开发平台,具有内置的版本控制、问题跟踪、代码审查、CI/CD(持续集成和持续交付)等功能。 GitLab CE/EE 存在代码问题漏洞,该漏洞源于在14.3.6之前的10.5开始,14.4.4之前从14.4开始的所有版本,所有14.5.2 之前的 14.5 版本的GitLab CE/EE 中存在未经授权的外部用户可以通+E13过 CI Lint API 执行服务器端请求。
CVSS Information
N/A
Vulnerability Type
N/A