CVE-2018-8292: Exposure of Sensitive Information to an Unauthorized Actor

October 10, 2018 (updated December 6, 2018)

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka “.NET Core Information Disclosure Vulnerability.” This affects .NET Core, .NET Core, .NET Core, PowerShell Core

References

www.securityfocus.com/bid/105548
access.redhat.com/errata/RHSA-2018:2902
nvd.nist.gov/vuln/detail/CVE-2018-8292
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292

Code Behaviors & Features

Detect and mitigate CVE-2018-8292 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →