CVE-2016-1000249: Arbitrary File Read

January 23, 2017

fury-adapter-swagger has a vulnerability that allows arbitrary file reads off the file system. This could be used to retrieve sensitive data, or cause a denial of service by reading /dev/zero.

References

github.com/apiaryio/fury-adapter-swagger/pull/89

Detect and mitigate CVE-2016-1000249 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →