---

CVE-2021-22237 - log back

CVE-2021-22237 edited at 03 Aug 2021 20:15:38
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Access restriction bypass
Description	+ Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab versions before 14.1.2.
References	+ https://about.gitlab.com/releases/2021/08/03/security-release-gitlab-14-1-2-released/#perform-git-actions-with-an-impersonation-token-even-if-impersonation-is-disabled
Notes

CVE-2021-22237 created at 03 Aug 2021 20:13:20