diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-14 19:52:50 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-14 19:52:50 +0100 |
commit | d119d50759af597ec63c9b05d154b3c86c29ad57 (patch) | |
tree | 28816239fb359f66775c39723b20540801046c85 /data/CVE | |
parent | b1c2b8bf3d490bd1a67cf04140ee6dc489c883fc (diff) |
Update entry for CVE-2021-39939
Associate it with gitlab-ci-multi-runner, as it is an issue in this
source package.
Mark it not-affected as the problematic code got introduced only after
version 13.3.1.
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/list.2021 | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 308be9088c..94d69146bb 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -17103,10 +17103,9 @@ CVE-2021-39941 (An information disclosure vulnerability in GitLab CE/EE versions CVE-2021-39940 (An issue has been discovered in GitLab CE/EE affecting all versions st ...) - gitlab <unfixed> CVE-2021-39939 (An uncontrolled resource consumption vulnerability in GitLab Runner af ...) - - gitlab <unfixed> + - gitlab-ci-multi-runner <not-affected> (Vulnerable code introduced later) NOTE: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28630 NOTE: https://about.gitlab.com/releases/2021/12/10/security-release-gitlab-runner-14-5-2-released/ - NOTE: fix released in 14.3.4, 14.6 in experimental. CVE-2021-39938 (A vulnerable regular expression pattern in GitLab CE/EE since version ...) - gitlab <unfixed> CVE-2021-39937 (A collision in access memoization logic in all versions of GitLab CE/E ...) |