CVE-2018-0800: Exposure of Sensitive Information to an Unauthorized Actor

January 4, 2018 (updated January 17, 2018)

Microsoft Edge in Microsoft Windows allows an attacker to obtain information to further compromise the user’s system, due to how the scripting engine handles objects in memory, aka “Scripting Engine Information Disclosure Vulnerability”. This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780.

References

www.securityfocus.com/bid/102392
www.securitytracker.com/id/1040100
nvd.nist.gov/vuln/detail/CVE-2018-0800
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0800

Code Behaviors & Features

Detect and mitigate CVE-2018-0800 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →