Lucene search
GoogleOSV:CVE-2019-1000011HistoryFeb 04, 2019 - 9:29 p.m.
CVE-2019-1000011
2019-02-0421:29:01
Google
osv.dev
3
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.
Related
cvelist
cvelist
CVE-2019-1000011
2019-02-04 21:00:00
prion
prion
Improper access control
2019-02-04 21:29:00
osv
osv
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
nvd
nvd
CVE-2019-1000011
2019-02-04 21:29:01
friendsofphp
friendsofphp
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
cve
cve
CVE-2019-1000011
2019-02-04 21:29:01
gitlab
gitlab
Improper Access Control
2019-02-04 00:00:00
github
github
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26