CVE-2019-3888: Information Exposure
(updated )
An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402
logs the HttpServerExchange
object at ERROR
level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t,exchange)
.
References
Detect and mitigate CVE-2019-3888 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →