CVE-2021-22205

Severity: Critical
Remote: Yes
Type: Arbitrary code execution

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in remote command execution. The issue is fixed in GitLab versions 13.10.3, 13.9.6 and 13.8.8.

| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1822 | gitlab | 13.10.2-1 | 13.10.3-1 | Critical | Fixed | |


| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 29 Apr 2021 | ASA-202104-1 | AVG-1822 | gitlab | Critical | multiple issues |