Lucene search
OpenJS FoundationFRIENDSOFPHP:API-PLATFORMHistoryJan 15, 2019 - 5:30 p.m.
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-1517:30:00
OpenJS Foundation
github.com
7
0.001 Low
EPSS
Percentile
23.8%
Q A Bug fix? yes New feature? no BC breaks? no Deprecations? no Tests pass? yes Fixed tickets #2364 License MIT Doc PR This prevents passing IRIs belonging to different resource classes, which would bypass access control in some instances (see #2364).
| CPE | Name | Operator | Version |
|---|---|---|---|
| api-platform/core | lt | 2.3.6 |
Related
cvelist
cvelist
CVE-2019-1000011
2019-02-04 21:00:00
gitlab
gitlab
Improper Access Control
2019-02-04 00:00:00
github
github
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
cve
cve
CVE-2019-1000011
2019-02-04 21:29:01
osv
osv
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
CVE-2019-1000011
2019-02-04 21:29:01
prion
prion
Improper access control
2019-02-04 21:29:00
friendsofphp
friendsofphp
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
nvd
nvd
CVE-2019-1000011
2019-02-04 21:29:01