CVE advisory | Known Exploit
CVE-2021-39935
GitLab CI Lint API Server-Side Request Forgery
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
GitLab versions are affected by a vulnerability in the CI Lint API, allowing external users to perform unauthorized server-side requests. This could expose internal systems and data to external access, posing a business risk. Organizations are advised to apply vendor patches.