First published: Tue Oct 05 2021
A potential DoS vulnerability was discovered in GitLab starting with version 9.1 that allowed parsing files without authorisation.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=9.1.0 <14.1.7 | |
GitLab GitLab | >=14.2.0 <14.2.5 | |
GitLab GitLab | >=14.3.0 <14.3.1 | |
CVE-2021-39893 is a potential Denial of Service (DoS) vulnerability discovered in GitLab starting with version 9.1 that allows parsing files without authorization.
GitLab versions from 9.1.0 up to but not including 14.1.7, from 14.2.0 up to but not including 14.2.5, and from 14.3.0 up to but not including 14.3.1 are affected by CVE-2021-39893.
CVE-2021-39893 has a severity rating of high, with a value of 7.5.
To fix CVE-2021-39893, upgrade GitLab to a version outside the affected ranges listed above.
You can find more information about CVE-2021-39893 on the GitLab official website.