CVE-2019-1003011: Improper Input Validation
(updated )
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin which allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.
References
Detect and mitigate CVE-2019-1003011 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →