CVE-2021-39947
on gitlab
on gitlab
Published
Severity
CVSS v3:
7.5 HIGH
CVSS v2:
4.3 MEDIUM
Description
In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of several jobs
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:gitlab:gitlab_runner:*:*:*:*:*:*:*:* | n/a | 14.3.4 | * |
cpe:2.3:a:gitlab:gitlab_runner:*:*:*:*:*:*:*:* | 14.5.0 (including) | 14.5.2 | * |
cpe:2.3:a:gitlab:gitlab_runner:*:*:*:*:*:*:*:* | 14.4.0 (including) | 14.4.2 | * |