GitLab ExifTool RCE
3/5/2023

We strongly recommend that all installations running an affected version above are upgraded to the latest version as soon as possible. Thanks vakzz for reporting this vulnerability through our HackerOne bug bounty program. It is now mitigated in the latest release and is assigned CVE-2021-22205. This is a critical severity issue (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, 9.9). GitLab was not properly validating image files that are passed to a file parser, which resulted in a remote command execution.

Overview

Remote code execution when uploading specially crafted image files

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9.
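The advisory attributes the issue to image files reaching a file parser without proper validation. The following is an added example, not GitLab's code or its actual fix: a gate that checks an upload's leading bytes against an allowlist and against the type its file name claims before any parser sees it. The function names, the allowlist and the sample uploads are assumptions made for illustration.

```python
import os

# Magic-byte signatures for the image types this example chooses to accept
# (the allowlist is an assumption, not GitLab's actual policy).
SIGNATURES = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "tiff": (b"II*\x00", b"MM\x00*"),
}
EXTENSIONS = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png",
              ".gif": "gif", ".tif": "tiff", ".tiff": "tiff"}


def sniff_type(data: bytes):
    """Return the image type indicated by the leading bytes, or None."""
    for kind, magics in SIGNATURES.items():
        if any(data.startswith(m) for m in magics):
            return kind
    return None


def safe_to_parse(filename: str, data: bytes):
    """Decide whether an upload may be handed to a metadata parser.

    Returns (allowed, reason). The content must be an allowlisted type and
    must agree with the type the file name claims.
    """
    claimed = EXTENSIONS.get(os.path.splitext(filename)[1].lower())
    actual = sniff_type(data)
    if actual is None:
        return False, "content is not an allowlisted image type"
    if claimed is None:
        return False, "file extension is not allowlisted"
    if claimed != actual:
        return False, f"extension claims {claimed} but content is {actual}"
    return True, f"{actual} content matches extension"


# Constructed sample uploads (not real files).
SAMPLES = [
    ("avatar.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
    ("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
    ("photo.jpg", b"not an image at all"),
    ("scan.jpg", b"II*\x00" + b"\x00" * 16),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(name, safe_to_parse(name, blob))
```

A signature check only narrows what reaches the parser; upgrading to the latest version, as the advisory recommends, remains the fix.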