CVE-2021-22902 log

Severity Low
Remote Yes
Type Denial of service
There is a possible Denial of Service vulnerability in Action Dispatch before version 6 before and Carefully crafted Accept headers can cause the mime type parser in Action Dispatch to do catastrophic backtracking in the regular expression engine.
Group Package Affected Fixed Severity Status Ticket
AVG-2223 gitlab-gitaly 14.0.4-1 14.1.0-1 Medium Fixed
AVG-2090 gitlab 13.12.3-1 14.0.0-1 Medium Fixed