AVG-1905 log

Package gitlab-gitaly
Status Fixed
Severity Medium
Type arbitrary command execution
Affected 14.2.1-1
Fixed 14.2.2-1
Current 17.4.2-1 [extra]
Ticket None
Created Sun May 2 18:04:08 2021
Issue Severity Remote Type Description
CVE-2021-31799 Medium Yes Arbitrary command execution
RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a...
Notes
RDoc version 6.2.0 is bundled in Gitaly version 14.2.1, RDoc version 6.3.2 is bundled in Gitaly version 14.2.2.