---

CVE-2021-39897 - log back

CVE-2021-39897 edited at 28 Oct 2021 15:09:40
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Access restriction bypass
Description	+ Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with inherited access to a project from a parent group to still have access even after the subgroup is transferred.
References	+ https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/

CVE-2021-39897 created at 28 Oct 2021 15:08:24