An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a specifically crafted string is sent.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2021-12-13T15:47:47
Updated: 2024-08-04T02:20:34.190Z
Reserved: 2021-08-23T00:00:00
Link: CVE-2021-39940
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-12-13T16:15:09.667
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-39940
Redhat
No data.