PatchSiren

GitLab CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited GitLab CVE published 2026-02-18

CVE-2021-22175

CVE-2021-22175 is a GitLab server-side request forgery (SSRF) vulnerability that CISA has added to its Known Exploited Vulnerabilities catalog. That KEV listing means organizations using GitLab should treat this as a priority remediation item and follow the vendor’s mitigation guidance as soon as possible. The supplied source corpus does not include version ranges, exploitation details, or impact specific [truncated]

Known exploited GitLab CVE published 2026-02-03

CVE-2021-39935

CVE-2021-39935 is a server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions. CISA lists it in the Known Exploited Vulnerabilities catalog, so defenders should treat it as actively exploited and prioritize remediation. The supplied corpus does not include affected version ranges or CVSS scoring, so version-specific exposure should be confirmed against the officia [truncated]

Known exploited GitLab CVE published 2024-05-01

CVE-2023-7028

CVE-2023-7028 is an improper access control vulnerability in GitLab Community and Enterprise Editions that CISA added to its Known Exploited Vulnerabilities catalog on 2024-05-01. Because it is listed in KEV, defenders should treat it as an urgent patch-or-mitigate issue for any GitLab CE/EE deployment, especially externally reachable instances. CISA’s guidance is to apply vendor mitigations or discontinue us [truncated]