---

CVE-2021-39910 - log back

CVE-2021-39910 edited at 07 Dec 2021 20:18:38

Description

- An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature. + An issue has been discovered in GitLab before version 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature.

CVE-2021-39910 edited at 07 Dec 2021 09:26:58
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Content spoofing
Description	+ An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab was vulnerable to HTML Injection through the Swagger UI feature.
References	+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/
Notes

CVE-2021-39910 created at 07 Dec 2021 09:25:21