Dan Jensen

**Name of the Vulnerable Software and Affected Versions** GitLab versions 8.13 to 14.2.5 GitLab versions 14.3.0 to 14.3.3 GitLab versions 14.4.0 **Description** A regular expression denial of service issue could cause excessive usage of resources when a specially crafted `username` was used when provisioning a new user. **Recommendations** For GitLab versions 8.13 to 14.2.5, update to a version outside of this range to resolve the issue. For GitLab versions 14.3.0 to 14.3.3, update to a version outside of this range to resolve the issue. For GitLab version 14.4.0, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of specially crafted usernames when provisioning new users until a patch is available.