CVE-2021-22187
Published 2021-03-02
Priority P4 · 19 · medium · 4.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS: 1.04% (59.7th percentile)
An issue has been discovered in GitLab affecting all versions of GitLab EE/CE before 13.6.7. A potential resource exhaustion issue allowed running or pending jobs to continue even after the project was deleted.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 13.2.3-2 (sid) | gitlab 13.2.3-2 (sid) |
| gitlab | gitlab | < 13.6.7 | 13.6.7 |
| gitlab | gitlab | < 13.7.7 | 13.7.7 |
| gitlab | gitlab | < 13.8.4 | 13.8.4 |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab_ee | — | — |
CVSS provenance
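| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
| osv | — | 4.3 | MEDIUM | — |
| vendor_debian | — | 4.3 | MEDIUM | — |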
GitLab
vendor_gitlab·2021-03-02·CVSS 4.3
CVE-2021-22187 [MEDIUM] CWE-400
Debian
vendor_debian·2021·CVSS 4.3
CVE-2021-22187 [MEDIUM]
Scope: local
sid: resolved (fixed in 13.2.3-2)
GHSA
ghsa_unreviewed·2022-05-24
CVE-2021-22187 [MEDIUM] CWE-400 GHSA-jx85-pcwq-c9wc
An issue has been discovered in GitLab affecting all versions of GitLab EE/CE before 12.6.7. A potential resource exhaustion issue allowed running or pending jobs to continue even after the project was deleted.
OSV
osv·2021-03-02·CVSS 4.3
CVE-2021-22187 [MEDIUM]
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-03-02
Published