Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-22219 - log back

CVE-2021-22219 edited at 08 Jun 2021 17:01:21

Description

-	GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
+	GitLab CE/EE since version 9.5 before 13.12.2 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.

References

	https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
	https://gitlab.com/gitlab-org/gitlab/-/issues/296995

CVE-2021-22219 created at 08 Jun 2021 16:55:44

Severity

+

Medium

Remote

+

Remote

Type

+	Information disclosure

Description

+	GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.

References

+	https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
+	https://gitlab.com/gitlab-org/gitlab/-/issues/296995

Notes