CVE-2023-29020: False Positive
(updated )
This advisory has been marked as False Positive and removed.
References
- cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
- github.com/fastify/fastify-passport/commit/07c90feab9cba0dd4779e47cfb0717a7e2f01d3d
- github.com/fastify/fastify-passport/security/advisories/GHSA-2ccf-ffrj-m4qw
- nvd.nist.gov/vuln/detail/CVE-2023-29020
- owasp.org/www-community/attacks/csrf
Detect and mitigate CVE-2023-29020 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →