CVE-2021-39940

2021-12-1316:15:09

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.6%

JSON

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a specifically crafted string is sent.