CVE-2017-1000503: Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

January 24, 2018 (updated February 12, 2018)

A race condition during Jenkins startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related settings not being set to their usual strict default.

References

jenkins.io/security/advisory/2017-12-14/
nvd.nist.gov/vuln/detail/CVE-2017-1000503

Code Behaviors & Features

Detect and mitigate CVE-2017-1000503 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →