CVE-2018-8801

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.
References
Link Resource
https://gitlab.com/gitlab-org/gitlab-ce/issues/41642 Issue Tracking Vendor Advisory
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md Release Notes Vendor Advisory
https://hackerone.com/reports/301924 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Information

Published : 2018-04-25 09:29

Updated : 2019-02-27 08:09


NVD link : CVE-2018-8801

Mitre link : CVE-2018-8801

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)