CVE-2021-22168

Summary

A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.8, <13.5.6affected
GitLabGitLab>=13.6.0, <13.6.4affected
GitLabGitLab>=13.7.0, <13.7.2affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References