CVE-2021-32624: Information Exposure

May 24, 2021 (updated May 28, 2021)

Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose the values of private fields, bypassing the configured access control.

References

nvd.nist.gov/vuln/detail/CVE-2021-32624

Detect and mitigate CVE-2021-32624 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →