GitLab has released security updates for its web interface to addresses vulnerabilities.  One (CVE-2021-22205) is Critical and is being actively exploited in the wild. This update protects against improper validation of image files that are passed to a file parser resulting in a remote command execution.

For a complete description of the vulnerabilities and effected systems, visit GitLab Critical Security Release: 13.10.3, 13.9.6, and 13.8.8.

IT Security

Read more about IT Security service offerings.