CVE-2021-33503: Uncontrolled Resource Consumption
(updated )
An issue was discovered in urllib3, when provided with a URL containing many @
characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
References
Detect and mitigate CVE-2021-33503 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →