CVE-2020-11059: Information Exposure

May 27, 2020 (updated October 7, 2021)

aegir may leak secrets from environment variables in the browser bundle published to npm.

References

nvd.nist.gov/vuln/detail/CVE-2020-11059

Detect and mitigate CVE-2020-11059 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →