A Denial Of Service vulnerability in the apollouploadserver Ruby gem in GitLab CE/EE version 11.11 and above allows an attacker to deny access to all users via specially crafted requests to the apollouploadserver middleware.
apollo_upload_server