CVE-2021-22184

Summary

An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.8, <13.6.6affected
GitLabGitLab>=13.7.0, <13.7.6affected
GitLabGitLab>=13.8.0, <13.8.2affected

Weaknesses

  • Inclusion of sensitive information in log files in GitLab

ADP Enrichment

CVE Program Container

Additional References

References