PT-2021-6486 · Gitlab · Gitlab
Afewgoats · Published 2021-08-20 · Updated 2024-03-06 · CVE-2021-22246
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
GitLab versions prior to 14.0.2
GitLab versions prior to 13.12.6
GitLab versions prior to 13.11.6
Description
The GitLab Webhook feature can be exploited to cause a denial of service because it allows unlimited memory allocation. A remote attacker can exploit this to disrupt service.
Recommendations
For versions prior to 14.0.2, update to version 14.0.2 or later.
For versions prior to 13.12.6, update to version 13.12.6 or later.
For versions prior to 13.11.6, update to version 13.11.6 or later.
Fix
DoS
Allocation of Resources Without Limits
Affected Products
Gitlab