Report Name: CVE-2021-39935 report
Generated: 2026-02-04 23:17:14

Vulristics Vulnerability Scores
Basic Vulnerability Scores
Products

Product Name | Prevalence | U | C | H | M | L | A | Comment
GitLab | 0.9 | 1 | | | | | 1 | GitLab is a DevOps software package that combines the ability to develop, secure, and operate software in a single application


Vulnerability Types

Vulnerability Type | Criticality | U | C | H | M | L | A
Server-Side Request Forgery | 0.87 | 1 | | | | | 1


Vulnerabilities

Urgent (1)

1. Server-Side Request Forgery - GitLab (CVE-2021-39935) - Urgent [835]

Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API.

Component | Value | Weight | Comment
Exploited in the Wild | 1.0 | 18 | Exploitation in the wild is mentioned on Vulners (CISA object, cisa_kev object), AttackerKB, NVD:CISAKEV websites
Exploit Exists | 0.5 | 17 | The existence of a private exploit is mentioned on BDU:PrivateExploit website
Criticality of Vulnerability Type | 0.87 | 15 | Server-Side Request Forgery
Vulnerable Product is Common | 0.9 | 14 | GitLab is a DevOps software package that combines the ability to develop, secure, and operate software in a single application
CVSS Base Score | 0.8 | 10 | CVSS Base Score is 7.5. According to NVD data source
EPSS Percentile | 1.0 | 10 | EPSS Probability is 0.80799, EPSS Percentile is 0.9911

Critical (0)

High (0)

Medium (0)

Low (0)

Exploitation in the wild detected (1)

Server-Side Request Forgery (1)

Public exploit exists, but exploitation in the wild is NOT detected (0)

Other Vulnerabilities (0)