---

CVE-2021-22168 - log back

CVE-2021-22168 edited at 14 Jan 2021 08:34:57
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ A regular expression denial of service issue has been discovered in the NuGet API affecting all versions of GitLab starting from version 12.8. The issue is mitigated in GitLab version 13.7.2, 13.6.4, and 13.5.6.
References	+ https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/#regular-expression-denial-of-service-in-nuget-api
Notes

CVE-2021-22168 created at 14 Jan 2021 08:31:44