Hello. There is a self hosted gitlab installation. An exploit was found along the path gitlab-ralis/uploads/-/system/temp/hash/file. The help file describes that the directory is used for custom uploads (avatars, note attachments, etc. Uploads administration | GitLab ). Is it possible to find out who…

It sounds like a malicious actor attempted to exploit CVE-2021-22205 on your instance. [image] CVE-2021-22205: How to determine if a self-managed instance has been impacted How to Use GitLab Using available logs provided by GitLab, it is possible to determine if a GitLab …

How to find the user who uploaded the file

How to Use GitLab Self-managed

gitlab-greg March 17, 2022, 3:16pm 2

It sounds like a malicious actor attempted to exploit CVE-2021-22205 on your instance.

2 Likes

Topic		Replies	Views
CVE-2021-22205: How to determine if a self-managed instance has been impacted How to Use GitLab	26	28296	June 8, 2022
Potentially serious vulnerability on self-hosted Gitlab General security	4	4467	November 4, 2021
How to debug gitlab source code, about cve-2021-22205 Infrastructure as Code & Cloud Native api	0	357	November 9, 2021
Security: many selfhosted instances probably hacked by 'johnyj12345' Self-managed	2	4327	July 15, 2020
Empty repository Self-managed	5	2610	December 4, 2021

How to find the user who uploaded the file

Related topics