Anyday

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 13.2 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 **Description** An issue has been discovered in GitLab CE/EE where the GitLab Maven Package registry is vulnerable to a regular expression denial of service when a specifically crafted string is sent. **Recommendations** For versions 13.2 through 14.3.6, update to version 14.3.6 or later. For versions 14.4 through 14.4.4, update to version 14.4.4 or later. For versions 14.5 through 14.5.2, update to version 14.5.2 or later.