CVE-2017-13761: Information Exposure

September 14, 2017 (updated September 26, 2017)

The Fastly CDN for Magento, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.

References

nvd.nist.gov/vuln/detail/CVE-2017-13761

Detect and mitigate CVE-2017-13761 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →