GMS-2019-2: XML Entity Expansion

October 1, 2019

go-yaml is vulnerable to a Billion Laughs Attack.

References

github.com/docker/cli/pull/2117

Detect and mitigate GMS-2019-2 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →