CVE-2021-39867

Publication date

2021-10-05 12:29:39

Family

GitLab

State

PUBLISHED

Description

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.