CVE-2020-8910: Improper Input Validation

March 26, 2020 (updated July 21, 2021)

A URL parsing issue in goog.uri of the Google Closure Library allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority.

References

nvd.nist.gov/vuln/detail/CVE-2020-8910

Detect and mitigate CVE-2020-8910 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →