CVE-2020-11003: Cross-Site Request Forgery (CSRF)

April 14, 2020 (updated April 15, 2020)

Oasis has a potential DNS rebinding or CSRF vulnerability. If you’re running a vulnerable application on your computer and an attacker can trick you into visiting a malicious website, they could use DNS rebinding and CSRF attacks.

References

nvd.nist.gov/vuln/detail/CVE-2020-11003

Detect and mitigate CVE-2020-11003 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →