CVE-2021-21359: Asymmetric Resource Consumption (Amplification)
(updated )
Requesting invalid or non-existing resources via HTTP, triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a scenario in which the application is calling itself recursively - amplifying the impact of the initial attack until the limits of the web server are exceeded.
References
Detect and mitigate CVE-2021-21359 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →