security: fix CVE-2024-37905 (cherry-pick #10230)

[gcp-cherry-pick-bot]

Cherry-picked security: fix CVE-2024-37905 (#10230)

Co-authored-by: Marc 'risson' Schmitt marc.schmitt@risson.space

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	4d09be1
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/667be88bf1e9290008677904
😎 Deploy Preview	https://deploy-preview-10236--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[codecov]

Codecov Report

Attention: Patch coverage is 5.00000% with 19 lines in your changes missing coverage. Please review.

Project coverage is 51.96%. Comparing base (b5ffd16) to head (4d09be1).

Files	Patch %	Lines
authentik/core/tests/test_token_api.py	0.00%	15 Missing ⚠️
authentik/core/api/tokens.py	20.00%	4 Missing ⚠️

Additional details and impacted files

@@                 Coverage Diff                 @@
##           version-2024.4   #10236       +/-   ##
===================================================
- Coverage           92.51%   51.96%   -40.56%     
===================================================
  Files                 669      669               
  Lines               32925    32943       +18     
===================================================
- Hits                30462    17120    -13342     
- Misses               2463    15823    +13360     

Flag	Coverage Δ
e2e	50.52% <5.00%> (-0.03%)	⬇️
integration	25.89% <0.00%> (-0.02%)	⬇️
unit	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.