{"id":"CVE-2021-22231","details":"A denial of service in user's profile page is found starting with GitLab CE/EE 8.0 that allows attacker to reject access to their profile page via using a specially crafted username.","aliases":["BIT-gitlab-2021-22231"],"modified":"2026-04-10T04:30:00.138036Z","published":"2021-07-07T11:15:08.540Z","references":[{"type":"ADVISORY","url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22231.json"},{"type":"REPORT","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/26295"},{"type":"REPORT","url":"https://hackerone.com/reports/475098"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/gitlab-org/gitlab","events":[{"introduced":"b50421f8650a390aa637da68c7e0138dd764fdf3"},{"fixed":"c97463266eba228cdd87a62b1289bf372c1b3866"},{"introduced":"12a3ec8fb4a540576b2d47247bc86ea7e2c7565b"},{"fixed":"088a665feba19e15cff694d69fc920197286678b"},{"introduced":"0034acfc891b0cbc2ecc4aa4c5ca0d1f89e3c32f"},{"fixed":"2504e045362c0930170ea2f9bfd0d1e4d143a817"},{"introduced":"b50421f8650a390aa637da68c7e0138dd764fdf3"},{"fixed":"c97463266eba228cdd87a62b1289bf372c1b3866"},{"introduced":"12a3ec8fb4a540576b2d47247bc86ea7e2c7565b"},{"fixed":"088a665feba19e15cff694d69fc920197286678b"},{"introduced":"0034acfc891b0cbc2ecc4aa4c5ca0d1f89e3c32f"},{"fixed":"2504e045362c0930170ea2f9bfd0d1e4d143a817"}],"database_specific":{"versions":[{"introduced":"8.0.0"},{"fixed":"13.11.6"},{"introduced":"13.12.0"},{"fixed":"13.12.6"},{"introduced":"14.0.0"},{"fixed":"14.0.2"},{"introduced":"8.0.0"},{"fixed":"13.11.6"},{"introduced":"13.12.0"},{"fixed":"13.12.6"},{"introduced":"14.0.0"},{"fixed":"14.0.2"}]}}],"versions":["v13.12.0-ee","v13.12.1-ee","v13.12.3-ee","v13.12.4-ee","v13.12.5-ee","v14.0.0-ee","v14.0.1-ee"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22231.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}