Critical severity9.6NVD Advisory· Published Aug 5, 2021· Updated Jun 17, 2026
CVE-2021-22234
CVE-2021-22234
Description
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all versions starting from 14.0 before 14.0.4. A specially crafted design image allowed attackers to read arbitrary files on the server.
Affected products
3- Range: 13.11 < 13.11.7, 13.12 < 13.12.8, 14.0 < 14.0.4
- Range: >=14.0, <14.0.4
Patches
Vulnerability mechanics
References
3- hackerone.com/reports/1212067nvdExploitIssue TrackingThird Party Advisory
- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22234.jsonnvdVendor Advisory
- gitlab.com/gitlab-org/gitlab/-/issues/335205nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.