CVE-2015-5723: Remote Code Execution due to incorrect permissions mask
The permission mask is not properly set when creating a new directory or file. This can lead to local arbitrary code execution or privilege escalation. Such attacks typically require direct access to a user account on the system to exploit, but are dangerous vectors when available.
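The class of defect described above, shown as an added example that is not code from the affected project: a directory created with an open mode next to a hardened equivalent, plus an audit function that flags entries writable by group or others. The directory and file names are hypothetical, and treating "not properly set" as "too permissive" is an assumption.

```python
import os
import stat
import tempfile

def create_weak(base):
    """Weak pattern (assumed): the mode is wide open and no umask narrows it."""
    path = os.path.join(base, "cache_weak")  # hypothetical name
    old = os.umask(0)
    try:
        os.mkdir(path, 0o777)
    finally:
        os.umask(old)
    return path

def create_hardened(base):
    """Owner-only directory; chmod makes the result independent of the umask."""
    path = os.path.join(base, "cache_safe")  # hypothetical name
    os.mkdir(path, 0o700)
    os.chmod(path, 0o700)
    return path

def write_private_file(directory, name, data):
    """Create a file with 0600 at open() time; O_EXCL refuses pre-placed files."""
    path = os.path.join(directory, name)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path

def find_loose_entries(root):
    """Return entries under root that group or others can write to."""
    loose = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISLNK(mode) and mode & (stat.S_IWGRP | stat.S_IWOTH):
                loose.append(path)
    return sorted(loose)

def demo():
    """Build both variants in a scratch directory and audit the result."""
    with tempfile.TemporaryDirectory() as base:
        create_weak(base)
        safe = create_hardened(base)
        write_private_file(safe, "entry.bin", b"constructed sample data")
        return [os.path.relpath(p, base) for p in find_loose_entries(base)]

if __name__ == "__main__":
    print(demo())
```

Running `find_loose_entries` against an application's cache or temp directory gives a quick check for whether created entries are writable by other local users.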