CVE-2021-22236 - log

CVE-2021-22236 edited at 03 Aug 2021 20:14:38
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Incorrect calculation
Description
+ Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1 before version 14.1.2.
References
+ https://about.gitlab.com/releases/2021/08/03/security-release-gitlab-14-1-2-released/#new-subscriptions-generate-oauth-tokens-on-an-incorrect-oauth-client-application
Notes
CVE-2021-22236 created at 03 Aug 2021 20:13:20