CVE-2018-1999001: Improper Input Validation
(updated )
An unauthorized modification of configuration vulnerability exists in Jenkins, in User.java
that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml
file from the Jenkins home directory.
References
Detect and mitigate CVE-2018-1999001 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →