CVE-2022-0136

Summary

A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.7, <14.7.1affected
GitLabGitLab>=14.6, <14.6.4affected
GitLabGitLab>=10.5, <14.5.4affected

Weaknesses

  • Information exposure in GitLab

ADP Enrichment

CVE Program Container

Additional References

References