Security Advisory

CVE-2021-22553

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-02-17 12:05:17

Last updated 2024-09-16 19:51:15

Assigner Google

State PUBLISHED

Description

Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can lead to a heap memory exhaustion for Gerrit servers. We recommend upgrading Gerrit to any of the versions listed above.

← Browse all CVEs View on cve.org ↗