RCE vulnerability in the GitLab web interface is actively exploited
Cybersecurity researchers at HN Security have warned about cyberattacks in which criminals exploit a critical vulnerability (CVE-2021-22205) in the GitLab web interface.
The problem stems from incorrect validation of user-provided images. Exploitation of the vulnerability may lead to the execution of arbitrary code. The vulnerability affects all versions of the web interface from 11.9 onward and was fixed by GitLab in versions 13.8.8, 13.9.6 and 13.10.3.
Source: gitlab.com
04 November 2021
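Because the fix shipped on three release branches, a single "older than 13.10.3" comparison misclassifies patched 13.8.x and 13.9.x installs. The following is an added example, not code from the article or from GitLab, that triages an inventory against the ranges stated above; the host names, the version-string format with an edition suffix, and the treatment of branches after 13.10 as already containing the fix are assumptions.

```python
import re

# Fixed patch level per release branch, as named in the article.
FIXED = {(13, 8): 8, (13, 9): 6, (13, 10): 3}
FIRST_AFFECTED = (11, 9)   # article: affected from 11.9
OLDEST_FIXED_BRANCH = min(FIXED)
NEWEST_FIXED_BRANCH = max(FIXED)


def parse_version(text):
    """Return (major, minor, patch) from e.g. '13.9.5-ee', or None."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_affected(text):
    """True/False per the article's ranges; None if unparseable."""
    v = parse_version(text)
    if v is None:
        return None
    branch, patch = v[:2], v[2]
    if branch < FIRST_AFFECTED:
        return False                      # predates the affected range
    if branch in FIXED:
        return patch < FIXED[branch]      # compare within the branch only
    if branch > NEWEST_FIXED_BRANCH:
        return False                      # assumption: later branches carry the fix
    # 11.9 up to 13.7: the article lists no fixed release on these branches.
    return branch < OLDEST_FIXED_BRANCH


def triage(inventory):
    """Split {host: version} into affected, ok and unknown host lists."""
    result = {"affected": [], "ok": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        verdict = is_affected(version)
        key = "unknown" if verdict is None else ("affected" if verdict else "ok")
        result[key].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE = {"git-a": "13.8.8", "git-b": "13.9.5-ee", "git-c": "12.10.14",
          "git-d": "13.10.3-ee", "git-e": "unknown-build"}

if __name__ == "__main__":
    print(triage(SAMPLE))
```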