CVE-2021-39939

Published
View on NVD ↗
CVSS v3
6.5
MEDIUM
CVSS v2
4
MEDIUM
Affected
2
PROJECTS

Description

An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker triggering a job with a specially crafted docker image to exhaust resources on runner manager

gitlab-org/cves
gitlab-org/cves
This project hosts the CVEs that have been assigned by GitLab in its role as a CNA. See https://about.gitlab.com/security/cve/ for more information
GitLabGitLab
22
gitlab-org/gitlab-runner
gitlab-org/gitlab-runner
GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab
GitLabGitLab
2.56K