CVE-2018-8292: Exposure of Sensitive Information to an Unauthorized Actor

April 21, 2021

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka “.NET Core Information Disclosure Vulnerability.” This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

References

github.com/advisories/GHSA-7jgj-8wvc-jh57
github.com/dotnet/announcements/issues/88
nvd.nist.gov/vuln/detail/CVE-2018-8292

Detect and mitigate CVE-2018-8292 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →