CVE-2018-1320: Improper Input Validation
(updated )
An Apache Thrift Java client library can bypass SASL negotiation validation in the org.apache.thrift.transport.TSaslTransport class.
References
Detect and mitigate CVE-2018-1320 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →