Unrated severityNVD Advisory· Published Dec 13, 2021· Updated Aug 4, 2024
CVE-2021-39933
CVE-2021-39933
Description
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A regular expression used for handling user input (notes, comments, etc) was susceptible to catastrophic backtracking that could cause a DOS attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>=12.10, <14.3.6 || >=14.4, <14.4.4 || >=14.5, <14.5.2+ 1 more
- (no CPE)range: >=12.10, <14.3.6 || >=14.4, <14.4.4 || >=14.5, <14.5.2
- (no CPE)range: >=12.10, <14.3.6
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39933.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/340449mitrex_refsource_MISC
- hackerone.com/reports/1320077mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.