Security Advisory

CVE-2022-4201

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-27 00:00:00

Last updated 2025-03-27 20:20:58

Assigner GitLab

State PUBLISHED

Description

A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.

← Browse all CVEs View on cve.org ↗