CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-9174

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile20.52th
Published2019年4月17日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF.

Affected Platforms (CPE)

📦
Gitlab

Gitlab

< 11.6.10
📦
Gitlab

Gitlab

< 11.6.10
📦
Gitlab

Gitlab

>= 11.7.0 and < 11.7.6
📦
Gitlab

Gitlab

>= 11.7.0 and < 11.7.6
📦
Gitlab

Gitlab

>= 11.8.0 and < 11.8.1
📦
Gitlab

Gitlab

>= 11.8.0 and < 11.8.1

References & Advisories

🔗 https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
🔗 https://about.gitlab.com/blog/categories/releases/
🔗 https://gitlab.com/gitlab-org/gitlab-ce/issues/55468
🔗 https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
🔗 https://about.gitlab.com/blog/categories/releases/
🔗 https://gitlab.com/gitlab-org/gitlab-ce/issues/55468

相關漏洞威脅

CVE-2018-1884310.0

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSR...

CVE-2021-2220510.0

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image f...

CVE-2020-541510.0

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoo...

CVE-2021-221929.9

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users t...