CVE-2021-22205 | An issue has been discovered in GitLab CE/EE affecting all v… | CVSS 10.0 CRITICAL

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

Metadata

CVE ID: CVE-2021-22205
State: PUBLISHED
Assigner: GitLab
Reserved: 2021-01-05 00:00 UTC
Published: 2021-04-23 17:39 UTC
Last updated: 2025-10-21 23:25 UTC
Primary CWE: CWE-94
CWE-94 Improper Control of Generation of Code ('Code Injecti…
Vendor / Product: GitLab / GitLab
Sources: cve.org · NVD

Severity & Metrics

10.0 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: ACTIVE
Automatable: yes
Tech. Impact: total

CISA Known Exploited Vulnerability

Vulnerability name: GitLab Community and Enterprise Editions Remote Code Execution Vulnerability
Vendor: GitLab
Product: Community and Enterprise Editions
Added to KEV: 2021-11-03
Due date: 2021-11-17
Ransomware: Known use

Required action

Apply updates per vendor instructions.

CISA description

GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse passes image file extensions through ExifTool, which improperly validates the image files.

Affected products (1)

Vendor	Product	Platform	Versions
GitLab	GitLab	—	>=11.9, <13.8.8, >=13.9, <13.9.6, >=13.10, <13.10.3

Weakness (CWE)

CWE	Source	Description
—	cna	Improper control of generation of code ('code injection') in GitLab
CWE-94	adp	CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References (5)