CVE-2021-39914

Summary

A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=8.13, <14.2.6affected
GitLabGitLab>=14.3.0, <14.3.4affected
GitLabGitLab>=14.4.0, <14.4.1affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References