CVE-2021-22192

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.2, <13.7.9affected
GitLabGitLab>=13.8, <13.8.6affected
GitLabGitLab>=13.9, <13.9.4affected

Weaknesses

  • Improper control of generation of code ('code injection') in GitLab

ADP Enrichment

CVE Program Container

Additional References

References