CVE-2020-11054: UI Discrepancy for Security Feature
(updated )
After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors. the URL was mistakenly displayed as green (
colors.statusbar.url.success_https). While the user already has seen a certificate error prompt at this point (or set
content.ssl_strictto
false`, which is not recommended), this could still provide a false sense of security.
References
Detect and mitigate CVE-2020-11054 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →