CVE-2023-29020: False Positive

April 21, 2023 (updated May 23, 2023)

This advisory has been marked as False Positive and removed.

References

cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
github.com/fastify/fastify-passport/commit/07c90feab9cba0dd4779e47cfb0717a7e2f01d3d
github.com/fastify/fastify-passport/security/advisories/GHSA-2ccf-ffrj-m4qw
nvd.nist.gov/vuln/detail/CVE-2023-29020
owasp.org/www-community/attacks/csrf

Code Behaviors & Features

Detect and mitigate CVE-2023-29020 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →