CVE-2021-22219 log

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
GitLab CE/EE since version 9.5 before 13.12.2 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
Group Package Affected Fixed Severity Status Ticket
AVG-2023 gitlab 13.11.3-1 13.12.2-1 High Fixed
Date Advisory Group Package Severity Type
09 Jun 2021 ASA-202106-21 AVG-2023 gitlab High multiple issues
References
https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
https://gitlab.com/gitlab-org/gitlab/-/issues/296995