CVE-2021-39939 - log back

CVE-2021-39939 edited at 11 Dec 2021 09:45:09
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Incorrect calculation
Description
+ GitLab Runner before version 14.5.2 was susceptible to Golang security issue CVE-2021-44717: don’t close fd 0 on ForkExec error, which could result in misdirected I/O such as writing network traffic intended for one connection to a different connection, or content intended for one file to a different one.
References
+ https://about.gitlab.com/releases/2021/12/10/security-release-gitlab-runner-14-5-2-released/
Notes
CVE-2021-39939 created at 11 Dec 2021 09:44:02