CVE-2021-22219 - log back

CVE-2021-22219 edited at 08 Jun 2021 17:01:21
Description
- GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
+ GitLab CE/EE since version 9.5 before 13.12.2 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
References
https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
https://gitlab.com/gitlab-org/gitlab/-/issues/296995
CVE-2021-22219 created at 08 Jun 2021 16:55:44
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
References
+ https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
+ https://gitlab.com/gitlab-org/gitlab/-/issues/296995
Notes