GitLab Server-Side Request Forgery (SSRF) Vulnerability - CVE-2021-22175

February 18, 2026 CRITICAL CVSS: 9.0 By VulnDaily

Affected Systems: GitLab GitLab

auto-generated

Executive Summary

GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled.

CVSS Score: 9.0/10.0
Severity: CRITICAL

Affected Systems

GitLab GitLab

Detection & Mitigation

Apply vendor patches as soon as available
Monitor for indicators of compromise
Review vendor advisories for specific guidance

References

External Resources & References

Vulnerability Databases

National Vulnerability Database Official NIST vulnerability details and CVSS scoring

MITRE CVE Dictionary Authoritative CVE identification and classification

Threat Intelligence & Search

Shodan Search Engine Find internet-exposed vulnerable systems

Exploit Database Public exploits and proof-of-concepts