GitLab Community and Enterprise Editions version 8.3 up to 10.x prior to 10.3 are vulnerable to SSRF in the Services and webhooks component.
gitlab gitlab