Apply GitLab Patch Immediately
- CVSSv3 score: 10 out of 10
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
In April 2021, an issue was discovered in GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) affecting all versions starting from 11.9. GitLab did not properly validate image files passed to a file parser, which resulted in remote command execution.
Since July 2021, this vulnerability has been actively exploited in the wild. Security Operations has already identified and locked multiple instances of GitLab servers on campus due to compromise.
According to GitLab's April 2021 advisory, CVE-2021-22205 affects all versions of both GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) starting from 11.9. GitLab 11.9.x-13.8.7, 13.9.0-13.9.5 and 13.10.0-13.10.2 are vulnerable.
The vulnerability was patched in versions 13.10.3, 13.9.6 and 13.8.8.
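The version ranges above are the only thing an administrator needs in order to triage an inventory of GitLab hosts. The following script is an added example, not part of this advisory and not GitLab's own code: it parses GitLab version strings (including the "-ce"/"-ee" edition suffix that GitLab appends, e.g. "13.10.2-ee"), classifies each one against the vulnerable ranges stated above, and names the lowest patched release from the advisory that a vulnerable host should move to. The host names and versions in the sample inventory are constructed for illustration.

```python
"""Version-range triage for CVE-2021-22205 (added example; not the advisory's code)."""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Inclusive vulnerable ranges and fixed releases, exactly as stated in the advisory.
VULNERABLE_RANGES: List[Tuple[Version, Version]] = [
    ((11, 9, 0), (13, 8, 7)),
    ((13, 9, 0), (13, 9, 5)),
    ((13, 10, 0), (13, 10, 2)),
]
PATCHED_VERSIONS: List[Version] = sorted([(13, 8, 8), (13, 9, 6), (13, 10, 3)])
FIRST_AFFECTED: Version = (11, 9, 0)


def parse_version(text: str) -> Version:
    """Parse a GitLab version string such as '13.10.2-ee' or '13.9' into a tuple.

    Anything after the first '-' (edition suffix, build metadata) is ignored;
    a missing minor or patch component is treated as 0.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    nums = [int(p) for p in parts[:3]]
    while len(nums) < 3:
        nums.append(0)
    return (nums[0], nums[1], nums[2])


def format_version(v: Version) -> str:
    return ".".join(str(n) for n in v)


def assess(text: str) -> str:
    """Classify a version as 'vulnerable', 'patched' or 'not_affected'."""
    v = parse_version(text)
    if v < FIRST_AFFECTED:
        return "not_affected"          # advisory: affected from 11.9 onwards
    for low, high in VULNERABLE_RANGES:
        if low <= v <= high:
            return "vulnerable"
    return "patched"                   # 13.8.8+, 13.9.6+, 13.10.3+ and later lines


def recommended_fix(text: str) -> Optional[str]:
    """Lowest patched release (from the advisory) above a vulnerable version.

    Because PATCHED_VERSIONS is sorted ascending, the first fix greater than the
    current version keeps a host on its own minor line where one is listed
    (13.9.2 -> 13.9.6) and otherwise yields 13.8.8 as the minimum target.
    Returns None when the version is not vulnerable.
    """
    if assess(text) != "vulnerable":
        return None
    v = parse_version(text)
    for fix in PATCHED_VERSIONS:
        if fix > v:
            return format_version(fix)
    return None  # unreachable: every vulnerable version is below 13.10.3


def triage(inventory: Dict[str, str]) -> List[Tuple[str, str, str, Optional[str]]]:
    """Return (host, version, status, recommended_fix) rows for an inventory.

    Unparseable version strings are reported as 'unknown' rather than aborting
    the run, so one bad entry does not hide the rest of the fleet.
    """
    rows = []
    for host, version in sorted(inventory.items()):
        try:
            status, fix = assess(version), recommended_fix(version)
        except ValueError:
            status, fix = "unknown", None
        rows.append((host, version, status, fix))
    return rows


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts), e.g. collected from
    # each server's `gitlab-rake gitlab:env:info` output.
    sample = {
        "git-lab01.example.edu": "13.10.2-ee",
        "git-lab02.example.edu": "13.8.8-ce",
        "git-old.example.edu": "11.8.3-ce",
        "git-dev.example.edu": "12.4.0-ce",
        "git-broken.example.edu": "unknown",
    }
    for host, version, status, fix in triage(sample):
        print(f"{host:28} {version:12} {status:13} {fix or '-'}")
```

Run it with the fleet's real version strings substituted into `sample`; any row marked "vulnerable" should be upgraded to at least the release in the last column.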
It is imperative that all vulnerable instances of GitLab be upgraded immediately to the patched versions listed above.