CVE-2021-39941 - log back

CVE-2021-39941 edited at 07 Dec 2021 20:22:02
Description
- An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members.
+ An information disclosure vulnerability in GitLab before version 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members.
Notes
CVE-2021-39941 edited at 07 Dec 2021 09:34:55
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ An information disclosure vulnerability in GitLab CE/EE versions 12.0 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed non-project members to see the default branch name for projects that restrict access to the repository to project members.
References
+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/
CVE-2021-39941 created at 07 Dec 2021 09:25:21