CVE-2021-39917 - log back

CVE-2021-39917 edited at 12 Dec 2021 20:50:40
Type
- Information disclosure
+ Denial of service
CVE-2021-39917 edited at 07 Dec 2021 20:19:10
Description
- An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a denial of service attack.
+ An issue has been discovered in GitLab before version 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a denial of service attack.
Notes
CVE-2021-39917 edited at 07 Dec 2021 09:33:55
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression related to quick actions features was susceptible to catastrophic backtracking that could cause a denial of service attack.
References
+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/
CVE-2021-39917 created at 07 Dec 2021 09:25:21