Unauthenticated Gitlab CI Lint API SSRF CVE-2021-22214 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Unauthenticated Gitlab CI Lint API SSRF CVE-2021-22214 Scanner Detail

There is a server side request forgery (SSRF) vulnerability in Gitlab CI Lint API.

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited

Some Advice for Common Problems

You need to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service