CVE-2017-15879: Improper Input Validation

October 24, 2017 (updated November 14, 2017)

CSV Injection via a value that is mishandled in a CSV export.

References

github.com/keystonejs/keystone/pull/4478
nvd.nist.gov/vuln/detail/CVE-2017-15879
packetstormsecurity.com/files/144755/KeystoneJS-4.0.0-beta.5-Unauthenticated-CSV-Injection.html
www.exploit-db.com/exploits/43053/

Code Behaviors & Features

Detect and mitigate CVE-2017-15879 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →