CVE-2021-39938 log
Source |
|
Severity | Low |
Remote | Yes |
Type | Denial of service |
Description | A vulnerable regular expression pattern in GitLab before version 14.5.2 allows an attacker to cause uncontrolled resource consumption leading to Denial of Service via specially crafted deploy Slash commands. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2603 | gitlab | 14.5.0-1 | 14.5.2-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
11 Dec 2021 | ASA-202112-10 | AVG-2603 | gitlab | High | multiple issues |
References |
---|
https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/ |