Skip to main content

GitLab Multiple Vulnerabilities

Last Update Date: 4 Nov 2021 Release Date: 15 Apr 2021 3774 Views

RISK: Extremely High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in GitLab, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution, spoofing and security restriction bypass on the targeted system.

 

[Updated 4-November-2021] CVE-2021-22205 is being exploited in the wild. Risk level has been escalated to extremely high risk.


Impact

  • Spoofing
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • GitLab Community Edition (CE) versions prior to 13.10.3, 13.9.6 and 13.8.8
  • GitLab Enterprise Edition (EE) versions prior to 13.10.3, 13.9.6 and 13.8.8


Solutions

Before installation of the software, please visit the software vendor web-site for more details.


Vulnerability Identifier


Source


Related Link