CVE-2018-1000805: Incorrect Permission Assignment for Critical Resource
(updated )
Paramiko version contains an Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
References
Detect and mitigate CVE-2018-1000805 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →