Lucene search
GoogleOSV:CVE-2021-22205HistoryApr 23, 2021 - 6:15 p.m.
CVE-2021-22205
2021-04-2318:15:08
Google
osv.dev
8
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
References
packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html
packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html
gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json
gitlab.com/gitlab-org/gitlab/-/issues/327121
hackerone.com/reports/1154542
Related
debiancve
debiancve
CVE-2021-22205
2021-04-23 18:15:08
ubuntucve
ubuntucve
CVE-2021-22205
2021-04-23 00:00:00
githubexploit
githubexploit
Exploit for Improper Input Validation in Gitlab
2021-11-10 13:57:55
Exploit for Improper Input Validation in Gitlab
2021-10-30 11:54:29
Exploit for Code Injection in Gitlab
2021-11-04 09:01:07
openvas
openvas
nessus
nessus
GitLab 7.12.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 RCE
2021-11-03 00:00:00
GitLab 11.9 < 13.8.8 / 13.9 < 13.9.6 / 13.10 < 13.10.3 (CVE-2021-22205)
2022-04-20 00:00:00
checkpoint_advisories
checkpoint_advisories
GitLab CE Remote Code Execution (CVE-2021-22205)
2021-11-14 00:00:00
thn
thn
veracode
veracode
Remote Code Execution (RCE)
2023-08-06 14:34:15
cve
cve
CVE-2021-22205
2021-04-23 18:15:08
cvelist
cvelist
CVE-2021-22205
2021-04-23 17:39:36
cisa_kev
cisa_kev
GitLab Community and Enterprise Editions Remote Code Execution Vulnerability
2021-11-03 00:00:00
hivepro
hivepro
GUI-Vil Threat Group Exploits AWS for Crypto Mining
2023-05-25 06:36:40
Cerber targeting organizations with publicly available exploits
2021-12-14 13:50:15
osv
osv
BIT-gitlab-2021-22205
2024-03-06 11:20:01
nuclei
nuclei
GitLab CE/EE - Remote Code Execution
2021-10-27 12:31:04
prion
prion
Design/Logic Flaw
2021-04-23 18:15:00
nvd
nvd
CVE-2021-22205
2021-04-23 18:15:08
rapid7blog
rapid7blog
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
2021-11-01 13:33:43
Metasploit Wrap-Up
2021-11-05 19:43:51
Rapid7 2021 Wrap-Up: Highlights From a Year of Empowering the Protectors
2022-01-05 18:52:41
attackerkb
attackerkb
CVE-2021-22205
2021-04-23 00:00:00
zdt
zdt
GitLab 13.10.2 - Remote Code Execution Exploit
2021-11-17 00:00:00
GitLab Unauthenticated Remote ExifTool Command Injection Exploit
2021-11-04 00:00:00
archlinux
archlinux
[ASA-202104-1] gitlab: multiple issues
2021-04-29 00:00:00
packetstorm
packetstorm
GitLab Unauthenticated Remote ExifTool Command Injection
2021-11-04 00:00:00
GitLab 13.10.2 Remote Code Execution
2021-11-17 00:00:00
metasploit
metasploit
GitLab Unauthenticated Remote ExifTool Command Injection
2021-11-02 08:46:51
exploitdb
exploitdb
GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)
2021-11-17 00:00:00
securelist
securelist
DDoS attacks in Q4 2021
2022-02-10 10:00:04
qualysblog
qualysblog
malwarebytes
malwarebytes
Chinese APT's favorite vulnerabilities revealed
2022-10-13 16:15:00
avleonov
avleonov
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
ics
ics