---

CVE-2021-39934 - log back

CVE-2021-39934 edited at 07 Dec 2021 20:20:37
Description	- Improper access control allows any project member to retrieve the service desk email address in GitLab CE/EE versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. + Improper access control allows any project member to retrieve the service desk email address in GitLab before version 14.5.2.
Notes

CVE-2021-39934 edited at 07 Dec 2021 09:33:32
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Information disclosure
Description	+ Improper access control allows any project member to retrieve the service desk email address in GitLab CE/EE versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.
References	+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/

CVE-2021-39934 created at 07 Dec 2021 09:25:21