Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
GitLab Enterprise Edition 和 Gitlab Community Edition 代码问题漏洞
Vulnerability Description
GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是美国GitLab公司的一种社区版 GitLab 。 GitLab Enterprise Edition 和 Gitlab Community Edition 存在代码问题漏洞,该漏洞源于软件对Project Import特性中用户提供的输入没有充分验证。远程身份验证的攻击者可利用该漏洞发送一个特别制作的HTTP请求,并欺骗应用程序向任意系统发起请求。远程攻击者可利用该漏洞执行SSRF攻击
CVSS Information
N/A
Vulnerability Type
N/A