Description
Due to a vulnerability in ExifTool, GitLab was not properly validating image files, which resulted in remote command execution.
Remediation
Upgrade to the latest version of GitLab.