Unrated severityCISA KEVNVD Advisory· Published Jun 11, 2021· Updated Feb 19, 2026
CVE-2021-22175
CVE-2021-22175
Description
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>=10.5+ 1 more
- (no CPE)range: >=10.5
- (no CPE)range: >=10.5, <13.6.7
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22175.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/294178mitrex_refsource_MISC
- hackerone.com/reports/1059596mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.