---

CVE-2021-39944 - log back

CVE-2021-39944 edited at 07 Dec 2021 20:22:13
Description	- An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import. + An issue has been discovered in GitLab before version 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import.
Notes

CVE-2021-39944 edited at 07 Dec 2021 09:27:54
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Privilege escalation
Description	+ An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import.
References	+ https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/

CVE-2021-39944 created at 07 Dec 2021 09:25:21