CVE-2020-15224: Files or Directories Accessible to External Parties

October 14, 2020 (updated November 18, 2021)

This vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information otherwise considered confidential in an enclave, which could be used in further compromises. The issue has been addressed and the current master branch. Users will need to to recompile their applications against the patched libraries to be protected from this vulnerability.

References

nvd.nist.gov/vuln/detail/CVE-2020-15224

Detect and mitigate CVE-2020-15224 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →