CVE-2021-22902 log

Severity Low
Remote Yes
Type Denial of service
There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before and Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression engine.
Group Package Affected Fixed Severity Status Ticket
AVG-1905 gitlab-gitaly 14.0.0-1 Medium Vulnerable
AVG-2090 gitlab 13.12.3-1 14.0.0-1 Medium Fixed