CVE-2021-34532: Exposure of Sensitive Information to an Unauthorized Actor

August 12, 2021 (updated December 28, 2023)

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is data inside the targeted website like IDs, tokens, nonces, and other sensitive information.

References

github.com/dotnet/announcements/issues/195
nvd.nist.gov/vuln/detail/CVE-2021-34532
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532

Detect and mitigate CVE-2021-34532 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →