Critical Vulnerability in GitLab
19 April 2021
GitLab has released a security update to address a critical vulnerability in its Community Edition (CE) and Enterprise Edition (EE).
Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code on the server by uploading specially crafted image files. The vulnerability has a Common Vulnerability Scoring System (CVSS) v3.1 score of 9.9 and affects all versions of GitLab CE and EE starting from version 11.9.
Administrators and users running affected GitLab CE or EE versions are advised to upgrade to the latest versions (13.10.3, 13.9.6, or 13.8.8) immediately.
More information is available here:
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/
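To triage an inventory of GitLab instances against the version ranges stated above, a check along these lines can be used. This is an added example, not code from GitLab or from this advisory; the host names and the status labels are constructed for illustration, and releases newer than 13.10.x are flagged for manual review because the advisory does not list them.

```python
import re

# Values taken from the advisory text.
FIRST_AFFECTED = (11, 9, 0)                       # affected from 11.9 onward
PATCHED = {(13, 10): 3, (13, 9): 6, (13, 8): 8}   # branch -> first fixed patch level
NEWEST_LISTED_BRANCH = max(PATCHED)


def parse_version(text):
    """Extract (major, minor, patch) from strings such as '13.9.4-ee' or 'v13.10.2'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def triage(text):
    """Classify one version string against the advisory's ranges."""
    major, minor, patch = parse_version(text)
    if (major, minor, patch) < FIRST_AFFECTED:
        return "not-affected"
    branch = (major, minor)
    if branch in PATCHED:
        return "patched" if patch >= PATCHED[branch] else "upgrade"
    if branch > NEWEST_LISTED_BRANCH:
        # Assumption: newer than anything the advisory lists; check release notes.
        return "review"
    # Affected branch (11.9 up to 13.7) with no fixed release named in the advisory.
    return "upgrade"


def triage_inventory(inventory):
    """Map each host to its status; unparsable versions are surfaced, not skipped."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = triage(version)
        except ValueError:
            result[host] = "unknown-version"
    return result


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and versions).
    sample = {
        "git-a.example.internal": "13.10.2-ee",
        "git-b.example.internal": "13.9.6",
        "git-c.example.internal": "12.10.14",
        "git-d.example.internal": "11.8.9",
    }
    for host, status in triage_inventory(sample).items():
        print(f"{host}: {status}")
```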