CVE-2020-10744: Exposure of Resource to Wrong Sphere
(updated )
An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user
from become
directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems.
References
Detect and mitigate CVE-2020-10744 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →