An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing code changes.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39932.json | Third Party Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/217360 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2021-12-13 16:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-39932
Mitre link : CVE-2021-39932
CVE.ORG link : CVE-2021-39932
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-20
Improper Input Validation