CVE-2018-1304: Improper Access Control

February 28, 2018 (updated October 3, 2019)

Unauthorised users could gain access to web application resources. Only security constraints with a URL pattern of the empty string are affected.

References

www.securityfocus.com/bid/103170
www.securitytracker.com/id/1040427
lists.debian.org/debian-lts-announce/2018/03/msg00004.html
nvd.nist.gov/vuln/detail/CVE-2018-1304

Detect and mitigate CVE-2018-1304 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →