Apply GitLab Patch Immediately

RISK: HIGH

  • CVSSv3 score: 10 out of 10


GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

SUMMARY:

In April 2021, an issue was discovered in GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) affecting all versions starting from 11.9. GitLab was not properly validating uploaded image files before passing them to a file parser, which resulted in remote command execution.

Since July 2021, this vulnerability has been actively exploited in the wild. Security Operations has already identified and locked multiple instances of GitLab servers on campus due to compromise.

AFFECTED VERSIONS:

According to GitLab's April 2021 advisory, CVE-2021-22205 affects all versions of both GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) starting from 11.9. GitLab 11.9.x-13.8.7, 13.9.0-13.9.5 and 13.10.0-13.10.2 are vulnerable.

The vulnerability was patched in the following versions: 13.10.3, 13.9.6, 13.8.8

It is imperative that all vulnerable instances of GitLab be patched to the levels listed above, and that it be done immediately.
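The version ranges above are easy to misread when triaging an inventory by hand (for example, 13.8.8 is fixed but 13.8.7 is not, and 13.9.0 is vulnerable although it is newer than 13.8.8). The following script is an added example, not part of this advisory, that encodes exactly the vulnerable ranges and fixed releases listed above and reports which hosts in a constructed inventory still need the patch. The inventory hostnames and version strings are made up for illustration; the version strings follow GitLab's usual `MAJOR.MINOR.PATCH` form with an optional `-ee` suffix.

```python
"""Triage GitLab instances against the CVE-2021-22205 version ranges in this advisory."""
import re

# Inclusive vulnerable ranges, copied from the advisory:
#   11.9.x-13.8.7, 13.9.0-13.9.5 and 13.10.0-13.10.2
VULNERABLE_RANGES = [
    ((11, 9, 0), (13, 8, 7)),
    ((13, 9, 0), (13, 9, 5)),
    ((13, 10, 0), (13, 10, 2)),
]

# First fixed release on each affected line, from the advisory.
# Anything older than 13.9 upgrades to 13.8.8; 13.9.x to 13.9.6; 13.10.x to 13.10.3.
FIXED_FOR_RANGE = [(13, 8, 8), (13, 9, 6), (13, 10, 3)]


def parse_version(text):
    """Parse '13.9.4', 'v13.9.4' or '13.9.4-ee' into a (major, minor, patch) tuple.

    A missing patch component (e.g. '13.9') is treated as .0, which is the
    conservative choice for a range check.
    """
    m = re.match(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_vulnerable(text):
    """True if the version falls inside any of the advisory's vulnerable ranges."""
    version = parse_version(text)
    return any(low <= version <= high for low, high in VULNERABLE_RANGES)


def recommended_upgrade(text):
    """Return the first fixed release on the matching line, or None if not vulnerable."""
    version = parse_version(text)
    for (low, high), fixed in zip(VULNERABLE_RANGES, FIXED_FOR_RANGE):
        if low <= version <= high:
            return ".".join(str(part) for part in fixed)
    return None


def triage(inventory):
    """Map an iterable of (host, version) pairs to a list of (host, version, fix) for vulnerable hosts."""
    findings = []
    for host, version in inventory:
        fix = recommended_upgrade(version)
        if fix is not None:
            findings.append((host, version, fix))
    return findings


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = [
    ("git-lab-a.example.edu", "13.9.4-ee"),   # vulnerable, upgrade to 13.9.6
    ("git-lab-b.example.edu", "13.8.8"),      # fixed
    ("git-lab-c.example.edu", "12.10.14"),    # vulnerable, upgrade to 13.8.8
    ("git-lab-d.example.edu", "11.8.9"),      # older than the affected range
    ("git-lab-e.example.edu", "13.10.2-ee"),  # vulnerable, upgrade to 13.10.3
    ("git-lab-f.example.edu", "14.0.0"),      # newer than every fixed release
]

if __name__ == "__main__":
    for host, version, fix in triage(SAMPLE_INVENTORY):
        print(f"{host}: running {version}, vulnerable to CVE-2021-22205, upgrade to {fix}")
```

The running version of an instance can be read from the Admin Area or, for an authenticated API user, from the `GET /api/v4/version` endpoint; feeding that value into `triage` gives a quick first pass before the patch is applied. The script only encodes the ranges the advisory lists, so a version outside them (older than 11.9 or newer than the fixed releases) is reported as not affected by this CVE, which says nothing about other vulnerabilities in that release.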


Published on  and maintained in Cascade.