CVE-2024-51734: Access control vulnerable to user data deletion by anonynmous users
(updated )
Anonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder
which may prevent any privileged access.
References
Detect and mitigate CVE-2024-51734 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →