CVE-2020-1961: Injection Vulnerability

May 4, 2020 (updated May 7, 2020)

Attackers could inject arbitrary JEXL expressions, leading to Remote Code Execution.

References

syncope.apache.org/security
nvd.nist.gov/vuln/detail/CVE-2020-1961

Code Behaviors & Features

Detect and mitigate CVE-2020-1961 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →