CVE-2018-1000150: Information Exposure

April 5, 2018 (updated May 15, 2018)

An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin that allows attackers with local file system access to obtain a list of authorities for logged-in users.

References

jenkins.io/security/advisory/2018-03-26/
nvd.nist.gov/vuln/detail/CVE-2018-1000150

Detect and mitigate CVE-2018-1000150 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →