A security reliability engineer at Google Cloud has revealed that attackers have been exploiting a GitLab flaw, CVE-2021-22205, to launch large-scale distributed denial of service (DDoS) attacks from the servers they compromise.
The vulnerability was discovered by William Bowling, and a fix was released in April 2021. It involved ExifTool, which GitLab uses to strip metadata from images uploaded to its servers; Bowling reported (https://bit.ly/lxf284bug) that he found a way to exploit how ExifTool handles .djvu and .djv file uploads and so gain control of the entire GitLab web server. Italian security firm HN Security then found attacks exploiting CVE-2021-22205 in June, after randomly named users had been added to GitLab servers; those accounts were likely created by the attackers to keep control of the compromised servers.
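The root of the problem described above is that an upload claiming to be an image was handed to ExifTool without anyone checking that it really was one of the image formats the metadata stripper was meant to process. The following is an added illustration of the general mitigation pattern, not GitLab's own fix and not code from any of the parties named in the article: vet an upload by both its declared extension and its leading bytes against an allowlist of image formats, and only then invoke ExifTool. The `vet_upload`, `sniff_format` and `strip_metadata` names, the format allowlist and the sample byte strings are all constructed for this example.

```python
"""Allowlist uploads by content before handing them to a metadata stripper.

Added illustration only: GitLab's actual fix is not reproduced here. The
pattern shown is to refuse anything that is not a known image format, so a
file that is really DjVu never reaches ExifTool's DjVu parser at all.
"""
import subprocess
from typing import Optional, Tuple

# Leading-byte signatures of the formats the metadata stripper may receive.
# This is an allowlist: any format not listed here is rejected.
ALLOWED_MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Extensions we accept, mapped to the format their content must match.
EXT_TO_FORMAT = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".gif": "gif"}

# A DjVu file opens with an IFF "AT&T" header. It is defined here only to
# build a realistic sample below; the check itself never consults it.
DJVU_MAGIC = b"AT&TFORM"


def sniff_format(data: bytes) -> Optional[str]:
    """Return the allowlisted format whose signature the data starts with, else None."""
    for fmt, magics in ALLOWED_MAGIC.items():
        if any(data.startswith(m) for m in magics):
            return fmt
    return None


def vet_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Decide whether an upload may be passed to ExifTool.

    Both the declared extension and the actual bytes must name the same
    allowlisted image format; a mismatch or an unknown format is rejected.
    """
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    declared = EXT_TO_FORMAT.get(ext)
    if declared is None:
        return False, f"extension {ext or '(none)'} not allowed"
    actual = sniff_format(data)
    if actual is None:
        return False, "content does not match any allowed image signature"
    if actual != declared:
        return False, f"extension says {declared} but content is {actual}"
    return True, actual


def strip_metadata(path: str) -> None:
    """Run ExifTool only on vetted files; `exiftool -all=` removes all metadata."""
    with open(path, "rb") as fh:
        head = fh.read(64)
    ok, reason = vet_upload(path, head)
    if not ok:
        raise ValueError(f"refusing to run exiftool on {path}: {reason}")
    subprocess.run(["exiftool", "-all=", "-overwrite_original", path], check=True)


# Constructed samples (not real uploads): a minimal PNG header, and a DjVu
# header uploaded under a .jpg name to mimic a spoofed extension.
SAMPLES = {
    "photo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
    "photo.jpg": DJVU_MAGIC + b"DJVU" + b"\x00" * 8,
    "doc.djvu": DJVU_MAGIC + b"DJVU" + b"\x00" * 8,
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, vet_upload(name, blob))
```

The point of checking both the extension and the magic bytes is that either one alone is attacker-controlled: a renamed file defeats an extension check, and a content-only check still lets a format you never intended to support (here DjVu) through to a parser you did not mean to expose.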