GitLab Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, spoofing and security restriction bypass on the targeted system.
[Updated 4-November-2021] CVE-2021-22205 is being exploited in the wild. Risk level has been escalated to extremely high risk.
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 13.10.3, 13.9.6 and 13.8.8
GitLab Enterprise Edition (EE) versions prior to 13.10.3, 13.9.6 and 13.8.8
Before installation of the software, please visit the software vendor web-site for more details.
- The vendor has issued a fix