CVE-2013-0248: /tmp directory used by default for uploaded files
The default configuration of javax.servlet.context.tempdir in this package uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
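As a mitigation sketch (an added example, not code from the advisory or from the affected package), the class below stages uploads in a directory that only the service account can write to, and refuses a shared location such as /tmp. The class and method names are hypothetical, the upload bytes are constructed sample data, and a POSIX filesystem is assumed.

```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;
import java.util.UUID;

public class PrivateUploadDir {
    // Create a fresh directory with mode 0700 so no other local user can add entries to it.
    static Path createPrivateDir(Path parent) throws IOException {
        return Files.createTempDirectory(parent, "uploads-",
            PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------")));
    }

    // Reject a directory in which another local user could pre-create a symlink.
    static void requirePrivate(Path dir) throws IOException {
        if (!Files.isDirectory(dir, LinkOption.NOFOLLOW_LINKS))
            throw new IOException(dir + " is a symlink or not a directory");
        Set<PosixFilePermission> perms =
            Files.getPosixFilePermissions(dir, LinkOption.NOFOLLOW_LINKS);
        if (perms.contains(PosixFilePermission.GROUP_WRITE)
                || perms.contains(PosixFilePermission.OTHERS_WRITE))
            throw new IOException(dir + " is writable by other local users");
    }

    // Write one upload under a server-chosen name; CREATE_NEW fails if the
    // name already exists, including when it exists as a symlink.
    static Path store(Path dir, byte[] data) throws IOException {
        requirePrivate(dir);
        Path target = dir.resolve(UUID.randomUUID() + ".upload");
        try (OutputStream out = Files.newOutputStream(target,
                StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE)) {
            out.write(data);
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        Path shared = Paths.get("/tmp");
        try {
            requirePrivate(shared);          // the shared default location
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        Path dir = createPrivateDir(shared); // private subdirectory, mode 0700
        byte[] sample = "constructed sample upload".getBytes(StandardCharsets.UTF_8);
        System.out.println("stored in " + store(dir, sample));
    }
}
```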