CVE-2017-17086: Improper Input Validation

December 1, 2017 (updated December 15, 2017)

Indeo Otter mishandles a “” substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.

References

inedo.myjetbrains.com/youtrack/issue/ILIB-11
nvd.nist.gov/vuln/detail/CVE-2017-17086

Detect and mitigate CVE-2017-17086 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →