What is CVE-2021-39935?

A medium-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in GitLab affecting multiple versions. Unauthorized external users could exploit the CI Lint API. Immediate patching is recommended.

What is the severity of CVE-2021-39935?

CVE-2021-39935 has a severity rating of MEDIUM with a CVSS base score of 6.8.

Is CVE-2021-39935 in CISA KEV?

Yes. CVE-2021-39935 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2021-39935 | Medium Vulnerability in GitLab GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, and all versions starting from 14.5 before 14.5.2. This vulnerability allows unauthorized external users to perform Server Side Requests via the CI Lint API. The vulnerability is classified as medium severity with a CVSS score of 6.8, indicating that it poses a significant risk to organizations using affected versions.

Risk to organizations includes potential exposure to sensitive internal resources through unauthorized API access. Attackers may leverage this vulnerability to conduct further attacks on the infrastructure by exploiting the CI Lint API, potentially leading to data breaches or service disruptions. Organizations should prioritize patching immediately.

As of now, there are no known public exploits or Proof of Concepts (PoCs) available for this vulnerability. However, continuous monitoring and timely application of patches are critical to mitigate any risks associated with this vulnerability.

Given the potential impact, organizations using GitLab should assess their exposure and take necessary actions to update their systems. Failure to do so could leave them vulnerable to exploitation attempts.

Vulnerability Details

The vulnerability affects GitLab CE/EE versions, highlighting a Server-Side Request Forgery (SSRF) issue that allows unauthorized access to server resources. The CVSS score is 6.8, defining it as medium severity. The affected products include both community and enterprise editions of GitLab, with the vulnerability being published on December 13, 2021, and it is classified under CWE-918.

Technical Analysis

The root cause of this vulnerability stems from improper validation in the CI Lint API, which allows external users to send unauthorized requests to internal servers. The attack vector is network-based, with a high attack complexity due to the required conditions for exploitation. No user interaction is necessary, and it does not require any privileges.

The vulnerability has a high confidentiality impact, as it can expose sensitive information through unauthorized server requests. However, it does not affect the integrity or availability of the system.

Risk & Impact Analysis

The risk to organizations includes an increased likelihood of exposure to sensitive resources and potential exploitation by unauthorized users. The implications of this vulnerability can lead to severe data breaches if not addressed promptly. Organizations should assess their risk based on the CVSS score and prioritize remediation efforts accordingly.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	Yes
Ransomware Use	No

Affected Versions

All versions of GitLab CE/EE starting from 10.5 before 14.3.6, from 14.4 before 14.4.4, and from 14.5 before 14.5.2 are affected. Organizations should ensure they upgrade to the latest patched versions.

Mitigation & Remediation

Organizations should apply the latest patches provided by GitLab for the affected versions. If patches are unavailable, consider implementing workarounds as recommended in vendor advisories. For further guidance, organizations may consider engaging in penetration testing to validate the security posture.

Detection Guidance

Monitor logs for unusual access patterns to the CI Lint API. Look for failed authentication attempts and unauthorized requests that may indicate exploitation attempts. Behavioral anomalies should be flagged for further investigation.

AppSecure Threat Intelligence Insight

This vulnerability is significant as it reflects a broader trend of API misconfigurations leading to SSRF vulnerabilities. Security teams should prioritize regular assessments of their API implementations to prevent similar vulnerabilities. Engaging in a comprehensive API penetration testing strategy can help identify and mitigate such vulnerabilities early.

The importance of proactive security measures cannot be overstated, especially in light of this vulnerability. Organizations must ensure they have robust security testing and remediation practices in place to address potential weaknesses before they can be exploited.

In conclusion, organizations utilizing GitLab should not only apply the patches for this vulnerability but also take this opportunity to enhance their overall security posture and resilience.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-39935: Medium Vulnerability in GitLab GitLab