Lucene search
MitreCVELIST:CVE-2019-1000011HistoryFeb 04, 2019 - 9:00 p.m.
CVE-2019-1000011
2019-02-0421:00:00
mitre
www.cve.org
0.001 Low
EPSS
Percentile
23.8%
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.
Related
friendsofphp
friendsofphp
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
osv
osv
CVE-2019-1000011
2019-02-04 21:29:01
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
gitlab
gitlab
Improper Access Control
2019-02-04 00:00:00
github
github
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
cve
cve
CVE-2019-1000011
2019-02-04 21:29:01
prion
prion
Improper access control
2019-02-04 21:29:00
nvd
nvd
CVE-2019-1000011
2019-02-04 21:29:01