Lucene search
GoogleOSV:GHSA-974J-WJXX-WGGJHistoryOct 14, 2019 - 9:23 p.m.
Incorrect Access Control vulnerability in api-platform/core
2019-10-1421:23:26
Google
osv.dev
9
EPSS
0.001
Percentile
23.7%
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.
Related
cvelist
cvelist
CVE-2019-1000011
2019-02-04 21:00:00
gitlab
gitlab
Improper Access Control
2019-02-04 00:00:00
github
github
Incorrect Access Control vulnerability in api-platform/core
2019-10-14 21:23:26
prion
prion
Improper access control
2019-02-04 21:29:00
friendsofphp
friendsofphp
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
CVE-2019-1000011: Access control bypass in GraphQL mutations
2019-01-15 17:30:00
nvd
nvd
CVE-2019-1000011
2019-02-04 21:29:01
cve
cve
CVE-2019-1000011
2019-02-04 21:29:01
osv
osv
CVE-2019-1000011
2019-02-04 21:29:01