PT-2023-14193 · Gitlab · Gitlab Ce/Ee+1
Ashish
+1
·
Publicado
2023-01-27
·
Atualizado
2025-03-28
·
CVE-2022-4335
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GitLab EE versions prior to 15.4.6
GitLab EE version 15.5 prior to 15.5.5
GitLab EE version 15.6 prior to 15.6.1
Description
A blind SSRF vulnerability was identified which allows an attacker to connect to a local host.
Recommendations
For GitLab EE versions prior to 15.4.6, update to version 15.4.6 or later.
For GitLab EE version 15.5 prior to 15.5.5, update to version 15.5.5 or later.
For GitLab EE version 15.6 prior to 15.6.1, update to version 15.6.1 or later.
Exploit
Correção
SSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gitlab
Gitlab Ce/Ee