Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild


A vulnerability in GitLab's web interface has been detected as actively exploited in the wild. Researchers warn that a large number of internet-facing GitLab instances are susceptible to attacks.

Tracked as CVE-2021-22205, the issue relates to improper validation of user-provided images that results in arbitrary code execution. The vulnerability, which affects all versions starting from 11.9, was addressed by GitLab on April 14, 2021.