## https://sploitus.com/exploit?id=SAINT:64EC3EF37FAA5A17CFF244075F703E05
Added: 11/24/2021
### Background
[GitLab](<https://gitlab.com/gitlab-org/gitlab>) is an open-source software development platform with built-in version control and issue tracking.
### Problem
A remote attacker can execute arbitrary commands by uploading a specially crafted image to GitLab, which executes injected Perl code when ExifTool parses DjVu annotations.
### Resolution
[Upgrade](<https://about.gitlab.com/install/>) to GitLab 13.8.8, 13.9.6, or 13.10.3 or higher.
### References
<https://gitlab.com/gitlab-org/gitlab/-/issues/327121>
<https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/>