{"vulnerability": "cve-2021-4191", "sightings": [{"uuid": "a38cd11b-5fdb-4680-b58b-728322b7ce39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "published-proof-of-concept", "source": "https://t.me/eaglecyberwashere/50", "content": "https://github.com/inspiringz/CVE-2021-22205.git\nCVE-2021-4191: Gitlab Unauthenticated AddUser to Administrator", "creation_timestamp": "2022-12-07T05:53:04.000000Z"}, {"uuid": "8c13b3fc-43ce-4e14-86b6-595ec47b5121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/10063", "content": "https://www.rapid7.com/blog/post/2022/03/03/cve-2021-4191-gitlab-graphql-api-user-enumeration-fixed/", "creation_timestamp": "2022-03-04T15:58:10.000000Z"}, {"uuid": "33315b0d-e225-4c51-80ca-e12118b4c0be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://t.me/NeKaspersky/1928", "content": "\u0420\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 GitLab\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e CVE-2021-4191 (5.3 \u043f\u043e CVSS), \u0431\u0430\u0433\u0435 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 GitLab Community Edition \u0438 Enterprise Edition. \u0424\u0438\u043a\u0441\u044b \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 14.8.2, 14.7.4 \u0438 14.6.5 25 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0414\u0436\u0435\u0439\u043a\u0430 \u0411\u0435\u0439\u043d\u0441\u0430, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 Rapid7, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u0435\u043d \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u043d\u0430 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a API GitLab GraphQL. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0431\u0430\u0433\u043e\u043c, \u043c\u043e\u0436\u0435\u0442 \u0443\u0437\u043d\u0430\u0442\u044c \u0438\u043c\u0435\u043d\u0430 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0438\u0445 \u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b. \u0421\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0435 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0442\u043f\u0440\u0430\u0432\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u0440\u043e\u0434\u0435 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u0438\u043b\u0438 \u0441\u0442\u0430\u0440\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0431\u0440\u043e\u0433\u043e \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u0430 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u043a \u0443\u0447\u0435\u0442\u043a\u0430\u043c.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e \u0431\u0430\u0433\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0440\u0443\u0433\u0438\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e CVE-2022-0735 (CVSS: 9.6), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0442\u043e\u043a\u0435\u043d\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 CI/CD-\u0442\u0430\u0441\u043a\u043e\u0432.\n@NeKaspersky", "creation_timestamp": "2022-03-04T11:22:38.000000Z"}, {"uuid": "bd050981-7574-40bf-9107-df688edda9d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41916", "type": "seen", "source": "https://t.me/cibsecurity/30258", "content": "\u203c CVE-2021-41916 \u203c\n\nA Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim's knowledge, by enticing an authenticated admin user to visit an attacker's web page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:25.000000Z"}, {"uuid": "46c6309b-93a3-4f91-a241-25e704e41bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41918", "type": "seen", "source": "https://t.me/cibsecurity/30269", "content": "\u203c CVE-2021-41918 \u203c\n\nwebTareas version 2.4 and earlier allows an authenticated user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against the platform users and administrators. The issue affects every endpoint on the application because it is related on how each URL is echoed back on every response page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:38.000000Z"}, {"uuid": "332fd259-3e9c-42bb-b14a-ec2e24f3464e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "4548a889-2b5f-4ae7-9a1d-3d0632474553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-30)", "content": "", "creation_timestamp": "2024-11-30T00:00:00.000000Z"}, {"uuid": "0f7dd996-9c25-4e48-9628-eb123e59c066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "9c5865b2-7286-42be-8fd7-9cf856d9ca0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "78a3a27d-6312-4c1e-8227-161c1b5929e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-13)", "content": "", "creation_timestamp": "2025-03-13T00:00:00.000000Z"}, {"uuid": "ff1e19fa-9ba7-4edb-a3f9-4094fb94a16e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-16)", "content": "", "creation_timestamp": "2025-02-16T00:00:00.000000Z"}, {"uuid": "203bce0d-79b2-4662-ae74-32599c41a3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-16)", "content": "", "creation_timestamp": "2025-04-16T00:00:00.000000Z"}, {"uuid": "8ebccda1-9ecb-4a67-8228-5f0f6e165387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-12)", "content": "", "creation_timestamp": "2025-07-12T00:00:00.000000Z"}, {"uuid": "2cf83365-5c9f-4543-a0f2-67e314c06d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "98f74f0e-7fc3-4c68-8dd3-3bdc5f198baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://sploitus.com/exploit?id=B33A8A99-8B45-5EA7-9323-46A4B09014DA&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-09T23:53:19.000000Z"}, {"uuid": "fc2fcfca-39e7-4db7-8ee6-39c5c805beb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/gitlab_graphql_user_enum.rb", "content": "", "creation_timestamp": "2022-03-11T21:12:45.000000Z"}, {"uuid": "d9c17156-ca20-4f64-a7ff-0b6381d6448a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "f4a991b5-c964-4c5f-a3ac-12ebc7bbc47a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "3e0650c3-78c1-4360-addf-8abb8de7d68b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-02)", "content": "", "creation_timestamp": "2026-01-02T00:00:00.000000Z"}, {"uuid": "4541dfff-7094-45a6-9496-375f4b7fe625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41917", "type": "seen", "source": "https://t.me/cibsecurity/30261", "content": "\u203c CVE-2021-41917 \u203c\n\nwebTareas version 2.4 and earlier allows an authenticated user to store arbitrary web script or HTML by creating or editing a client name in the clients section, due to incorrect sanitization of user-supplied data and achieve a Stored Cross-Site Scripting attack against the platform users and administrators. The affected endpoint is /clients/editclient.php, on the HTTP POST cn parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:29.000000Z"}, {"uuid": "9e55f7c3-7b09-4573-8fb0-8a517f202f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41919", "type": "seen", "source": "https://t.me/cibsecurity/30260", "content": "\u203c CVE-2021-41919 \u203c\n\nwebTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/upload.php on the HTTP POST data. This allows an attacker to exploit the platform by injecting code or malware and, under certain conditions, to execute code on remote user browsers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:28.000000Z"}, {"uuid": "cf22ef46-f436-4279-932e-9262549dbfce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://t.me/thebugbountyhunter/6068", "content": "CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)\n\nhttps://www.rapid7.com/blog/post/2022/03/03/cve-2021-4191-gitlab-graphql-api-user-enumeration-fixed/", "creation_timestamp": "2022-03-05T10:56:24.000000Z"}, {"uuid": "87ef401b-6bd9-475d-a77d-4a36e19786ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-4191.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "8d9993ea-75e6-49b8-b2cd-abbb4aa16631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "3011edaf-5bfe-42fc-8328-e6a558b0a023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "0612bde2-97a6-4e9e-9cbb-7a223bc5eab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-20)", "content": "", "creation_timestamp": "2025-03-20T00:00:00.000000Z"}, {"uuid": "5777a3fb-87bc-4798-846b-1ccf3ef6ebbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-07)", "content": "", "creation_timestamp": "2025-03-07T00:00:00.000000Z"}, {"uuid": "6c174796-f678-4000-a292-994010f29315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-06)", "content": "", "creation_timestamp": "2025-04-06T00:00:00.000000Z"}, {"uuid": "3194412d-d66d-4e40-94ab-6122b8f2d53f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "b7f021fd-fb2b-437a-acdd-620c99ab2237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "ca96dfe0-b2c2-4d8c-87c2-769a0a5e7103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "8b80ad83-b5d2-4f40-b442-f7a7193a835d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-20)", "content": "", "creation_timestamp": "2025-11-20T00:00:00.000000Z"}, {"uuid": "d3490ebb-3e24-4e8a-8098-0634e4986123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "f91ab702-0262-4fae-b83e-cff97137dd24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "c9fc3b8d-2d29-4f5d-b796-40b5dda27485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "0d5bd920-6c10-4510-8d22-a2b750edfbe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "published-proof-of-concept", "source": "Telegram/pp0tBsjy_E8hLKpXrUoko-WsHosDL2SxogzGUGEN2XHWgEs", "content": "", "creation_timestamp": "2025-10-10T03:00:11.000000Z"}, {"uuid": "a2a4ea8c-b571-4dc8-a0f5-0f4988e4e37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://t.me/thehackernews/1946", "content": "A new vulnerability (CVE-2021-4191) affects thousands of GitLab instances that could allow a remote, unauthenticated attacker to access user-related information.\n\nhttps://thehackernews.com/2022/03/new-security-vulnerability-affects.html\n\nPatched versions 14.8.2, 14.7.4, 14.6.5 issued for self-managed servers.", "creation_timestamp": "2023-05-22T23:03:30.000000Z"}, {"uuid": "097b9471-5f81-497e-93bc-9df9e7938000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "c5150496-d984-4b32-bdc3-073047fe8d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:40.000000Z"}, {"uuid": "bca29db8-04c0-4321-9544-7509d64311fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-09)", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "d3405da1-e799-48f6-b259-01fc1a27f4f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-29)", "content": "", "creation_timestamp": "2025-04-29T00:00:00.000000Z"}, {"uuid": "9de5028b-0cec-4124-af22-b4f5e426993e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2021-4191", "type": "seen", "source": "https://gist.github.com/tamer1an/d3cf5cdbec1b41112d4ed8bd8bdebcf8", "content": "", "creation_timestamp": "2025-09-11T11:55:23.000000Z"}, {"uuid": "8d70d374-ec87-4e75-873a-15037bb4efb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-29)", "content": "", "creation_timestamp": "2025-08-29T00:00:00.000000Z"}, {"uuid": "1d03dd7b-4d35-4aa0-af57-7e9c0b25026d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-26)", "content": "", "creation_timestamp": "2025-09-26T00:00:00.000000Z"}, {"uuid": "56d3c90a-6a7b-432c-b791-2d288eadc7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-05)", "content": "", "creation_timestamp": "2026-01-05T00:00:00.000000Z"}, {"uuid": "bcd7b01e-3171-4bec-94d8-f139142a8295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "b5b6f2e5-2e74-4bf1-a36b-511a8140a35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4191", "type": "seen", "source": "https://t.me/cKure/8928", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 New Security Vulnerability Affects Thousands of GitLab Instances.\n\nTracked as CVE-2021-4191 (CVSS score: 5.3), the medium-severity flaw affects all versions of GitLab Community Edition and Enterprise Edition starting from 13.0 and all versions starting from 14.4 and prior to 14.8.\n\nhttps://thehackernews.com/2022/03/new-security-vulnerability-affects.html", "creation_timestamp": "2022-03-04T11:50:35.000000Z"}]}