CVE-2020-1757: Improper Input Validation
A flaw was found in Undertow, where the Servlet container normalizes servletPath incorrectly by truncating the path after a semicolon, which may lead to an application mapping that results in a security bypass.
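
The mismatch described above, as an added example for reviewing request logs (a simplified model, not Undertow's code and not part of the advisory). It compares truncation after the first semicolon with per-segment path-parameter removal and flags paths where a prefix-based security constraint would be decided differently. The function names, the sample paths and the `/app/admin` constraint are assumptions.

```python
"""Added example: simplified model of semicolon handling, not Undertow's code."""


def truncate_after_semicolon(path: str) -> str:
    # Flawed view, as the advisory describes it: everything after the first
    # ';' is dropped, including any later path segments.
    return path.split(";", 1)[0]


def strip_path_parameters(path: str) -> str:
    # Per-segment view: drop ";param" from each segment, keep later segments.
    return "/".join(seg.split(";", 1)[0] for seg in path.split("/"))


def is_protected(path: str, protected_prefixes) -> bool:
    # Hypothetical prefix-based security constraint.
    return any(path == p or path.startswith(p + "/") for p in protected_prefixes)


def flag_mismatches(paths, protected_prefixes):
    """Return (raw, truncated, per_segment) where the two views disagree."""
    flagged = []
    for raw in paths:
        if ";" not in raw:
            continue
        truncated = truncate_after_semicolon(raw)
        stripped = strip_path_parameters(raw)
        if is_protected(truncated, protected_prefixes) != is_protected(
            stripped, protected_prefixes
        ):
            flagged.append((raw, truncated, stripped))
    return flagged


# Constructed sample request paths (not taken from the advisory).
SAMPLE_PATHS = [
    "/app/admin/users",
    "/app/public/index;jsessionid=ABC123",
    "/app;x=1/admin/users",
]
PROTECTED = ["/app/admin"]  # hypothetical constraint

if __name__ == "__main__":
    for raw, t, s in flag_mismatches(SAMPLE_PATHS, PROTECTED):
        print(f"{raw!r}: truncated={t!r} per-segment={s!r}")
```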