CVE-2013-4112: Authentication via cached credentials

September 28, 2013 (updated March 8, 2014)

The DiagnosticsHandler in this package allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

References

bugzilla.redhat.com/CVE-2013-4112

Detect and mitigate CVE-2013-4112 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →