CVE-2020-17521: Creation of Temporary File in Directory with Insecure Permissions
(updated )
Groovy extension methods were using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts.
References
Detect and mitigate CVE-2020-17521 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →