VulnerableCode Package Details - pkg:alpm/archlinux/gitlab@13.7.1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/gitlab@13.7.1-1

Essentials
History (5)

purl	pkg:alpm/archlinux/gitlab@13.7.1-1

Next non-vulnerable version	13.7.2-1
Latest non-vulnerable version	15.2.1-1
Risk	4.0

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-5wbt-x41a-e7bs Aliases: CVE-2021-22166	An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method	13.7.2-1 Affected by 0 other vulnerabilities.
VCID-7fnb-yfbq-bfeh Aliases: CVE-2021-22168	A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8.	13.7.2-1 Affected by 0 other vulnerabilities.
VCID-b1et-bsq2-cyfn Aliases: CVE-2021-22167	An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository	13.7.2-1 Affected by 0 other vulnerabilities.
VCID-hrbv-6bwd-a3hz Aliases: CVE-2020-26414	An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution time have quadratic growth based on the length of the malicious input string.	13.7.2-1 Affected by 0 other vulnerabilities.
VCID-myew-c4zd-u3cw Aliases: CVE-2021-22171	Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted link	13.7.2-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:25:43.551510+00:00	Arch Linux Importer	Affected by	VCID-hrbv-6bwd-a3hz	https://security.archlinux.org/AVG-1416	38.0.0
2026-04-01T18:25:43.528630+00:00	Arch Linux Importer	Affected by	VCID-5wbt-x41a-e7bs	https://security.archlinux.org/AVG-1416	38.0.0
2026-04-01T18:25:43.504081+00:00	Arch Linux Importer	Affected by	VCID-b1et-bsq2-cyfn	https://security.archlinux.org/AVG-1416	38.0.0
2026-04-01T18:25:43.480032+00:00	Arch Linux Importer	Affected by	VCID-7fnb-yfbq-bfeh	https://security.archlinux.org/AVG-1416	38.0.0
2026-04-01T18:25:43.455624+00:00	Arch Linux Importer	Affected by	VCID-myew-c4zd-u3cw	https://security.archlinux.org/AVG-1416	38.0.0