Mclaren650Sspider

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 10.2 and later **Description** A flawed DNS rebinding protection issue was discovered in the `url blocker.rb` library, which could result in Server-Side Request Forgery (SSRF) where the library is utilized. **Recommendations** For GitLab CE/EE versions 10.2 and later, consider restricting access to the `url blocker.rb` library until a patch is available. As a temporary workaround, review and limit the usage of the library to minimize the risk of SSRF exploitation.

**Name of the Vulnerable Software and Affected Versions** GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 12.6 **Description** The issue is related to Incorrect Access Control. **Recommendations** For GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 12.6, update to version 12.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** axTLS versions prior to 2.1.5 **Description** The issue arises from a buffer overflow in the `tls1.c` file, caused by the mismanagement of the `need bytes` value when processing a crafted sequence of TLS packets. **Recommendations** For versions prior to 2.1.5, update to version 2.1.5 or later to resolve the issue.