An issue exists in GitLab Community and Enterprise Edition 10.1 up to and including 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an malicious user to request any local network resource accessible from the GitLab server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |