Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArchLinuxASA-202104-1
HistoryApr 29, 2021 - 12:00 a.m.

[ASA-202104-1] gitlab: multiple issues

2021-04-2900:00:00
security.archlinux.org
197

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

Arch Linux Security Advisory ASA-202104-1

Severity: Critical
Date : 2021-04-29
CVE-ID : CVE-2021-22205 CVE-2021-28965
Package : gitlab
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1822

Summary

The package gitlab before version 13.10.3-1 is vulnerable to multiple
issues including arbitrary code execution and incorrect calculation.

Resolution

Upgrade to 13.10.3-1.

pacman -Syu β€œgitlab>=13.10.3-1”

The problems have been fixed upstream in version 13.10.3.

Workaround

None.

Description

  • CVE-2021-22205 (arbitrary code execution)

An issue has been discovered in GitLab CE/EE affecting all versions
starting from 11.9. GitLab was not properly validating image files that
is passed to a file parser which resulted in a remote command
execution. The issue is fixed in GitLab versions 13.10.3, 13.9.6 and
13.8.8.

  • CVE-2021-28965 (incorrect calculation)

When parsing and serializing a crafted XML document, the REXML gem
(including the one bundled with Ruby) can create a wrong XML document
whose structure is different from the original one. The impact of this
issue highly depends on context, but it may lead to a vulnerability in
some programs that are using REXML. The issue is fixed in version 3.2.5
of the REXML gem.

Impact

An attacker can crash or execute arbitrary code on the affected server
by providing a maliciously crafted XML or image file.

References

https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/#Remote-code-execution-when-uploading-specially-crafted-image-files
https://gitlab.com/gitlab-org/gitlab/-/issues/327121
https://hackerone.com/reports/1154542
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
https://hackerone.com/reports/1104077
https://github.com/ruby/rexml/commit/a659c63e37414506dfb0d4655e031bb7a2e73fc8
https://github.com/ruby/rexml/commit/2fe62e29094d95921d7e19abbd2e26b23d78dc5b
https://github.com/ruby/rexml/commit/6a250d2cd1194c2be72becbdd9c3e770aa16e752
https://github.com/ruby/rexml/commit/f7bab8937513b1403cea5aff874cbf32fd5e8551
https://github.com/ruby/rexml/commit/f9d88e4948b4a43294c25dc0edb16815bd9d8618
https://github.com/ruby/rexml/commit/9b311e59ae05749e082eb6bbefa1cb620d1a786e
https://github.com/ruby/rexml/commit/3c137eb119550874b2b3e27d12b733ca67033377
https://security.archlinux.org/CVE-2021-22205
https://security.archlinux.org/CVE-2021-28965

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanygitlab<Β 13.10.3-1UNKNOWN

References

Related

githubexploit 26
ubuntucve 2
nessus 37
debiancve 2
openvas 19
osv 13
hivepro 2
prion 2
cisa_kev 1
nuclei 1
checkpoint_advisories 1
thn 9
veracode 2
fedora 6
cloudfoundry 1
cbl_mariner 2
redhatcve 1
ubuntu 2
cve 2
hackerone 1
freebsd 2
suse 1
github 1
alpinelinux 1
amazon 1
rapid7blog 3
rocky 3
redhat 8
attackerkb 1
oraclelinux 3
almalinux 3
zdt 2
packetstorm 2
metasploit 1
exploitdb 1
securelist 1
debian 1
mageia 1
ibm 2
qualysblog 2
malwarebytes 1
avleonov 1
ics 1
rosalinux 1
githubexploit
githubexploit
Exploit for Improper Input Validation in Gitlab
2021-11-10 13:57:55
Exploit for Improper Input Validation in Gitlab
2021-10-30 11:54:29
Exploit for Code Injection in Gitlab
2021-11-04 09:01:07
ubuntucve
ubuntucve
CVE-2021-22205
2021-04-23 00:00:00
CVE-2021-28965
2021-04-12 00:00:00
nessus
nessus
GitLab 7.12.x < 13.8.8 / 13.9.x < 13.9.6 / 13.10.x < 13.10.3 RCE
2021-11-03 00:00:00
EulerOS 2.0 SP8 : ruby (EulerOS-SA-2021-1987)
2021-06-28 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2021-2012)
2021-06-30 00:00:00
debiancve
debiancve
CVE-2021-22205
2021-04-23 18:15:00
CVE-2021-28965
2021-04-21 07:15:00
openvas
openvas
GitLab < 13.8.8, 13.9.x < 13.9.6, 13.10.x < 13.10.3 RCE Vulnerability - Active Check
2021-11-08 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2012)
2021-07-01 00:00:00
Ubuntu: Security Advisory (USN-4922-1)
2021-04-21 00:00:00
osv
osv
CVE-2021-28965
2021-04-21 07:15:07
BIT-gitlab-2021-22205
2024-03-06 11:20:01
CVE-2021-22205
2021-04-23 18:15:08
hivepro
hivepro
GUI-Vil Threat Group Exploits AWS for Crypto Mining
2023-05-25 06:36:40
Cerber targeting organizations with publicly available exploits
2021-12-14 13:50:15
prion
prion
Design/Logic Flaw
2021-04-23 18:15:00
Code injection
2021-04-21 07:15:00
cisa_kev
cisa_kev
GitLab Community and Enterprise Editions Remote Code Execution Vulnerability
2021-11-03 00:00:00
nuclei
nuclei
GitLab CE/EE - Remote Code Execution
2021-10-27 12:31:04
checkpoint_advisories
checkpoint_advisories
GitLab CE Remote Code Execution (CVE-2021-22205)
2021-11-14 00:00:00
thn
thn
Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations
2023-05-22 16:05:00
Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild
2021-11-02 10:03:00
Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal
2022-04-25 20:00:00
veracode
veracode
Remote Code Execution (RCE)
2023-08-06 14:34:15
XML Injection
2021-04-17 02:47:08
fedora
fedora
[SECURITY] Fedora 33 Update: ruby-2.7.3-136.fc33
2021-04-17 14:06:37
[SECURITY] Fedora 32 Update: ruby-2.7.3-136.fc32
2021-04-17 14:21:01
[SECURITY] Fedora 34 Update: rubygem-railties-6.1.2.1-2.fc34
2021-04-24 20:20:14
cloudfoundry
cloudfoundry
USN-4922-1: Ruby vulnerability | Cloud Foundry
2021-04-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-28965 affecting package ruby 2.6.6-4
2021-06-09 03:50:37
CVE-2021-28965 affecting package ruby 2.7.2-4
2022-04-09 06:51:53
redhatcve
redhatcve
CVE-2021-28965
2021-04-08 17:16:00
ubuntu
ubuntu
Ruby vulnerability
2021-04-26 00:00:00
Ruby vulnerability
2021-04-20 00:00:00
cve
cve
CVE-2021-22205
2021-04-23 18:15:00
CVE-2021-28965
2021-04-21 07:15:00
hackerone
hackerone
Ruby: Round-trip instability in REXML
2021-02-16 08:10:08
freebsd
freebsd
Gitlab -- Vulnerabilities
2021-04-14 00:00:00
ruby -- XML round-trip vulnerability in REXML
2021-04-05 00:00:00
suse
suse
Security update for ruby2.5 (moderate)
2021-04-24 00:00:00
github
github
REXML round-trip instability
2021-04-30 17:30:37
alpinelinux
alpinelinux
CVE-2021-28965
2021-04-21 07:15:00
amazon
amazon
Medium: ruby24
2021-05-14 16:58:00
rapid7blog
rapid7blog
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
2021-11-01 13:33:43
Metasploit Wrap-Up
2021-11-05 19:43:51
Rapid7 2021 Wrap-Up: Highlights From a Year of Empowering the Protectors
2022-01-05 18:52:41
rocky
rocky
ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
redhat
redhat
(RHSA-2021:2584) Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
(RHSA-2021:2229) Moderate: rh-ruby27-ruby security, bug fix, and enhancement update
2021-06-03 07:45:19
(RHSA-2021:2587) Moderate: ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
attackerkb
attackerkb
CVE-2021-22205
2021-04-23 00:00:00
oraclelinux
oraclelinux
ruby:2.7 security, bug fix, and enhancement update
2021-07-07 00:00:00
ruby:2.5 security, bug fix, and enhancement update
2021-07-02 00:00:00
ruby:2.6 security, bug fix, and enhancement update
2021-07-07 00:00:00
almalinux
almalinux
Moderate: ruby:2.7 security, bug fix, and enhancement update
2021-06-29 13:57:50
Moderate: ruby:2.5 security, bug fix, and enhancement update
2021-06-29 13:58:20
Moderate: ruby:2.6 security, bug fix, and enhancement update
2021-06-29 13:58:40
zdt
zdt
GitLab 13.10.2 - Remote Code Execution Exploit
2021-11-17 00:00:00
GitLab Unauthenticated Remote ExifTool Command Injection Exploit
2021-11-04 00:00:00
packetstorm
packetstorm
GitLab 13.10.2 Remote Code Execution
2021-11-17 00:00:00
GitLab Unauthenticated Remote ExifTool Command Injection
2021-11-04 00:00:00
metasploit
metasploit
GitLab Unauthenticated Remote ExifTool Command Injection
2021-11-02 08:46:51
exploitdb
exploitdb
GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)
2021-11-17 00:00:00
securelist
securelist
DDoS attacks in Q4 2021
2022-02-10 10:00:04
debian
debian
[SECURITY] [DSA 5066-1] ruby2.5 security update
2022-02-03 19:26:40
mageia
mageia
Updated ruby packages fix security vulnerability
2021-12-24 00:01:45
ibm
ibm
Security Bulletin: Multiple security vulnerabilities affect IBM Cloud Foundry Migration Runtime
2021-10-13 14:44:47
Security Bulletin: Netcool Operations Insights 1.6.10 addresses multiple security vulnerabilities.
2023-09-27 21:11:57
qualysblog
qualysblog
NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-07 20:03:01
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
malwarebytes
malwarebytes
Chinese APT's favorite vulnerabilities revealed
2022-10-13 16:15:00
avleonov
avleonov
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
ics
ics
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-06 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON
Related for ASA-202104-1
githubexploit26ubuntucve2nessus37debiancve2openvas19osv13hivepro2prion2cisa_kev1nuclei1checkpoint_advisories1thn9veracode2fedora6cloudfoundry1cbl_mariner2redhatcve1ubuntu2cve2hackerone1freebsd2suse1github1alpinelinux1amazon1rapid7blog3rocky3redhat8attackerkb1oraclelinux3almalinux3zdt2packetstorm2metasploit1exploitdb1securelist1debian1mageia1ibm2qualysblog2malwarebytes1avleonov1ics1rosalinux1