CVE-2018-1000863: Path Traversal
(updated )
A data modification vulnerability exists in Jenkins in User.java
, IdStrategy.java
that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.
References
Detect and mitigate CVE-2018-1000863 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →