GHSA-m2hp-5x78-74mg: Insecure Unserialize Vulnerability in FLOW3
Due to a missing signature (HMAC) for a request argument, an attacker could unserialize arbitrary objects within FLOW3.
To our knowledge it is neither possible to inject code through this vulnerability, nor are there exploitable objects within the FLOW3 Base Distribution. However, there might be exploitable objects within user applications.
References
Detect and mitigate GHSA-m2hp-5x78-74mg with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →