CVE-2021-22197

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 where an infinite loop exist when an authenticated user with specific rights access a MR having source and target branch pointing to each other

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=10.6, <13.8.7affected
GitLabGitLab>=13.9, <13.9.5affected
GitLabGitLab>=13.10, <13.10.1affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References