Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-39913 - log back

CVE-2021-39913 edited at 28 Oct 2021 15:15:23

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Information disclosure

Description

+	Accidental logging of system root password in the migration log in all versions of GitLab CE/EE allows an attacker with local file system access to obtain system root-level privileges.

References

+	https://about.gitlab.com/releases/2021/10/28/security-release-gitlab-14-4-1-released/

CVE-2021-39913 created at 28 Oct 2021 15:08:24