POC details: a64ad67e081d7dfc5f6ff9701ea6ece40a54d76a

Source
Related vulnerability
Title: GitLab code injection vulnerability (CVE-2021-22205)
Description: GitLab is an open-source end-to-end software development platform from the US company GitLab, with built-in version control, issue tracking, code review, and CI/CD (continuous integration and continuous delivery). GitLab Community Edition contains a code injection vulnerability caused by incorrect input validation in the image parser when it processes image files. The following products and versions are affected: Gitlab Community Edition: 11.9.0, 11.9.1, 11.9.2, 11.9.3, 11.9.4, 11.9.5, 11.9.6, 11.9.7, 11.9.8, 11.9.9, 11
Introduction
# CVE-2021-22205

[![Build status](https://ci.appveyor.com/api/projects/status/id6kdgvapm31mkvi?svg=true)](https://ci.appveyor.com/project/ahmad4fifz/cve-2021-22205)

This is a Docker Compose deployment of GitLab Enterprise Edition (13.9.5) that is vulnerable to [CVE-2021-22205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22205).

## Description:

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in remote command execution.

## Requirement:

Requires at least 4 CPUs, 8 GB RAM and 160 GB of storage if using a DigitalOcean droplet (around $40 per month).

## Setup:

```
docker-compose up --build -d
```

## Volumes:

- ./config:/etc/gitlab
- ./logs:/var/log/gitlab
- ./data:/var/opt/gitlab

## References:

- https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22205
- https://about.gitlab.com/blog/2021/11/04/action-needed-in-response-to-cve2021-22205/
- https://nvd.nist.gov/vuln/detail/CVE-2021-22205

## License

Released under [MIT](/LICENSE) by [@ahmad4fifz](https://github.com/ahmad4fifz).
File snapshot

```
[4.0K] /data/pocs/a64ad67e081d7dfc5f6ff9701ea6ece40a54d76a
├── [ 541] docker-compose.yml
├── [4.0K] filebeat
│   └── [   0] filebeat.cfg
├── [4.0K] gitlab
│   ├── [ 626] Dockerfile
│   ├── [4.0K] dummy
│   │   └── [  37] backup.txt
│   └── [ 115] entry.sh
└── [1.3K] README.md

3 directories, 6 files
```
Cached for you by the Shenlong bot
Notes
    1. It is recommended to access the POC through the original source first.
    2. If the source is no longer available or cannot be accessed, send an e-mail to f.jinxu#gmail.com to request the local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.