CVE-2018-1000114: Incorrect Authorization
(updated )
An improper authorization vulnerability exists in the Jenkins Promoted Builds Plugin in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions.
References
Detect and mitigate CVE-2018-1000114 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →