CVE-2021-39932 - log back

CVE-2021-39932 edited at 07 Dec 2021 20:19:55
Description
- An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes.
+ An issue has been discovered in GitLab before version 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes.
Notes
CVE-2021-39932 edited at 07 Dec 2021 09:32:11
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes.
References
+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/
CVE-2021-39932 created at 07 Dec 2021 09:25:21