CVE-2022-1423 - log back

CVE-2022-1423 edited at 09 May 2022 09:00:56
Severity
- Unknown
+ High
Type
- Unknown
+ Arbitrary code execution
Description
+ Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions from 1.0.2 before 14.8.6 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches.
References
Notes
CVE-2022-1423 created at 09 May 2022 08:57:49