A blind SSRF in GitLab CE/EE affecting all from 11.3 before 15.4.6, 15.5 before 15.5.5, and 15.6 before 15.6.1 allows an malicious user to connect to local addresses when configuring a malicious GitLab Runner.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab 15.6.0 |
||
gitlab gitlab |