CVE-2021-22166

Summary

An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.7, <13.7.2affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References