CVE-2024-36128: Directus is soft-locked by providing a string value to random string util
This counts as an unauthenticated denial of service attack vector so this impacts all unpatched instances reachable over the internet.
References
Detect and mitigate CVE-2024-36128 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →