---

CVE-2021-39902 - log back

CVE-2021-39902 edited at 28 Oct 2021 15:11:20
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Access restriction bypass
Description	+ Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident.
References	+ https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/

CVE-2021-39902 created at 28 Oct 2021 15:08:24