CVE-2019-10418: Incorrect Authorization
Arquillian Steps Plugin provides a custom allow list for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.