{"id":"CVE-2020-10956","details":"GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.","aliases":["BIT-gitlab-2020-10956"],"modified":"2026-04-09T06:46:29.865690Z","published":"2020-03-27T19:15:11.447Z","references":[{"type":"ADVISORY","url":"https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/"},{"type":"ADVISORY","url":"https://about.gitlab.com/releases/categories/releases/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/gitlab-org/gitlab","events":[{"introduced":"4071be4ff453bc317ba65d5f4a50cab7d50869db"},{"fixed":"0ebcf602332fc27fc2bc8a2eb7b14d7a1685c343"},{"introduced":"4071be4ff453bc317ba65d5f4a50cab7d50869db"},{"fixed":"0ebcf602332fc27fc2bc8a2eb7b14d7a1685c343"}],"database_specific":{"versions":[{"introduced":"8.10.0"},{"fixed":"12.9.1"},{"introduced":"8.10.0"},{"fixed":"12.9.1"}]}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10956.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}