CVE-2021-22553
The CVE affects Gerrit where any git operation is proxied through Jetty, creating a session without expiry and not disposed by Jetty, enabling heap memory exhaustion on the server after multiple git actions. Affected software is Gerrit with Jetty-based session handling; root cause is non-expiring...