Security Advisory

CVE-2018-17452

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-15 00:00:00

Last updated 2025-02-06 20:29:19

Assigner mitre

State PUBLISHED

Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb.

← Browse all CVEs View on cve.org ↗