An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

  - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not     properly validating image files that were passed to a file parser which resulted in a remote command     execution. (CVE-2021-22205)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9 through 13.8.8 / 13.9.6 / 13.10.3. This is the result of improper validation of image files by a 3rd-party file parser Exif-Tool, resulting in a remote command execution.

According to its self-reported version, the instance of GitLab running on the remote web server is prior to 13.8.8, 13.9.x prior to 13.9.6, or 13.10.x prior to 13.10.3. It is, therefore, affected by a remote code execution due to not properly validating image files being passed to a file parser. An authenticated, remote attacker can exploit this, by uploading a malicious image file, to execute arbitrary code.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
159925	GitLab 11.9 < 13.8.8 / 13.9 < 13.9.6 / 13.10 < 13.10.3 (CVE-2021-22205)	Nessus	CGI abuses	critical
113044	GitLab 11.9.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 Remote Code Execution	Web App Scanning	Component Vulnerability	critical
154879	GitLab 7.12.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 RCE	Nessus	CGI abuses	critical

Detections

Analytics

CVE-2021-22205

critical

Tenable Plugins

critical

critical

critical