CVE-2021-22205

CWE-94 — Code Injection12 documents10 sources

CVSS

CRITICAL

EPSS94.5%(100th)

CISA KEVPublic ExploitExploited in WildRansomware Use

CISA Required Action: Apply updates per vendor instructions.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages1 packages

▶NVDgitlab/gitlab11.9.0 — 13.8.8+2

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

NVD ↗MITRE ↗

🔴Vulnerability Details

OSV

CVE-2021-22205: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11↗2021-04-23

▶

CVEList

CVE-2021-22205: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11↗2021-04-23

▶

VulnCheck

GitLab Community and Enterprise Editions Remote Code Execution Vulnerability↗2021

▶

💥Exploits & PoCs

Exploit-DB

GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)↗2021-11-17

▶

Nuclei

GitLab CE/EE - Remote Code Execution

▶

Nuclei

GitLab CE/EE Unauthenticated RCE Using ExifTool

▶

🔍Detection Rules

Suricata

ET EXPLOIT GitLab Pre-Auth RCE Detected (CVE-2021-22205)↗2023-02-14

▶

Suricata

ET EXPLOIT Possible Gitlab CE/EE Image Parser RCE Inbound (CVE-2021-22205)↗2021-11-13

▶

📋Vendor Advisories

CISA

GitLab Community and Enterprise Editions Remote Code Execution Vulnerability↗2021-11-03

▶

GitLab

CVE-2021-22205: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passe↗2021-04-23

▶

Debian

CVE-2021-22205: gitlab - An issue has been discovered in GitLab CE/EE affecting all versions starting fro...↗2021

▶