CVE-2021-39936 log

Source
Severity Low
Remote Yes
Type Access restriction bypass
Description
Improper access control in GitLab before version 14.5.2 allows an attacker in possession of a deploy token to access a project's disabled wiki.
Group Package Affected Fixed Severity Status Ticket
AVG-2603 gitlab 14.5.0-1 14.5.2-1 High Fixed
Date Advisory Group Package Severity Type
11 Dec 2021 ASA-202112-10 AVG-2603 gitlab High multiple issues
References
https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/