CVE-2021-22177

Summary

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.6, <13.6.7affected
GitLabGitLab>=13.7, <13.7.7affected
GitLabGitLab>=13.8, <13.8.4affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References