Accidental logging of system root password in the migration log in all versions of GitLab CE/EE prior to 14.2.6, all versions starting from 14.3 prior to 14.3.4, and all versions starting from 14.4 prior to 14.4.1 allows an attacker with local file system access to obtain system root-level privileges
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
gitlab gitlab 14.4.0 |