GMS-2018-20: Path Traversal

February 26, 2018

localhost-now suffers from a path traversal vulnerability. It allows reading the content of arbitrary files on the remote server.

References

github.com/DCKT/localhost-now/commit/30b004c7f145d677df8800a106c2edc982313995
hackerone.com/reports/312889

Code Behaviors & Features

Detect and mitigate GMS-2018-20 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →