CVE-2022-0249

Summary

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.7, <14.7.1affected
GitLabGitLab>=14.6, <14.6.4affected
GitLabGitLab>=12.0, <14.5.4affected

Weaknesses

  • Information exposure in GitLab

ADP Enrichment

CVE Program Container

Additional References

References