Security Advisory

CVE-2021-22175

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-11 15:30:12

Last updated 2026-02-19 04:55:37

Assigner GitLab

State PUBLISHED

Description

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled

← Browse all CVEs View on cve.org ↗