daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

misc changes

patch-1
sandeep 2021-06-18 14:42:13 +05:30
parent 898555d4e5
commit 27d67855e8
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
vulnerabilities/gitlab/gitlab-cilint-api-information-disclosureand-ssrf.yaml → cves/2021/CVE-2021-22214.yaml
View File

@ -1,11 +1,14 @@
id: CVE-2021-22214-gitlab-ci-lint-api-ssrf
id: CVE-2021-22214
info:
author: Suman_Kar
name: GitLab CVE 2021-22214 Unauthenticated CI lint API information disclosure and SSRF
name: Unauthenticated CI lint API information disclosure and SSRF
severity: medium
reference: https://docs.gitlab.com/ee/api/lint.html
tags: gitlab,disclosure,ssrf
description: When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited.
reference: |
- https://nvd.nist.gov/vuln/detail/CVE-2021-22214
- https://docs.gitlab.com/ee/api/lint.html
tags: cve,cve2021,gitlab,ssrf
requests:
- raw: