CVE-2021-22231

Summary

A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=8.0, <13.11.6affected
GitLabGitLab>=13.12, <13.12.6affected
GitLabGitLab>=14.0, <14.0.2affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References