A denial of service vulnerability in GitLab CE/EE affecting all versions starting from 12.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows low-privileged users to bypass file size limits in the NPM package repository to potentially cause denial of service.
References
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: GitLab

Published: 2022-01-18T16:52:12

Updated: 2022-01-18T16:52:12

Reserved: 2021-08-23T00:00:00


Link: CVE-2021-39942

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-01-18T17:15:08.723

Modified: 2022-01-25T16:55:34.780


Link: CVE-2021-39942

JSON object: View

cve-icon Redhat Information

No data.

CWE