CVE-2021-39944 log

Source
Severity High
Remote Yes
Type Privilege escalation
Description
An issue has been discovered in GitLab before version 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import.
Group Package Affected Fixed Severity Status Ticket
AVG-2603 gitlab 14.5.0-1 14.5.2-1 High Fixed
Date Advisory Group Package Severity Type
11 Dec 2021 ASA-202112-10 AVG-2603 gitlab High multiple issues
References
https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/