AVG-1905 log
| Package | gitlab-gitaly |
| Status | Fixed |
| Severity | Medium |
| Type | arbitrary command execution |
| Affected | 14.2.1-1 |
| Fixed | 14.2.2-1 |
| Current | 18.6.1-1 [extra] |
| Ticket | None |
| Created | Sun May 2 18:04:08 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-31799 | Medium | Yes | Arbitrary command execution | RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a... |
| Notes |
|---|
RDoc version 6.2.0 is bundled in Gitaly version 14.2.1, RDoc version 6.3.2 is bundled in Gitaly version 14.2.2. |