# CVE-2021-22205

> An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution vulnerability.

- **CVSS:** 10 (CRITICAL)
- **EPSS:** 94.5%
- **CISA KEV:** yes (known ransomware use)
- **CWE:** CWE-94

Canonical: https://intel.threadlinqs.com/cve/CVE-2021-22205
