Critical severity9.8NVD Advisory· Published Jan 28, 2020· Updated Jun 17, 2026
CVE-2019-5464
CVE-2019-5464
Description
A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the url_blocker.rb which could result in SSRF where the library is utilized.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=10.2
- Range: 12.1.2
- Range: Affects GitLab CE/EE 10.2 and later
Patches
Vulnerability mechanics
References
3- about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/nvdPatchRelease NotesVendor Advisory
- gitlab.com/gitlab-org/gitlab-ce/issues/63959nvdExploitVendor Advisory
- hackerone.com/reports/632101nvdPermissions Required
News mentions
0No linked articles in our index yet.