VYPR
Unrated severityNVD Advisory· Published Dec 13, 2021· Updated Aug 4, 2024

CVE-2021-39933

CVE-2021-39933

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression used for handling user input (notes, comments, etc) was susceptible to catastrophic backtracking that could cause a DOS attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    >=12.10, <14.3.6 || >=14.4, <14.4.4 || >=14.5, <14.5.2+ 1 more
    • (no CPE)range: >=12.10, <14.3.6 || >=14.4, <14.4.4 || >=14.5, <14.5.2
    • (no CPE)range: >=12.10, <14.3.6
  • osv-coords
    Range: >= 12.10.0, < 14.3.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.