4 matches found
@mattie-bundle/mattie-strapi-bundle-example (>=1.0.0-alpha.0 <=1.0.0-alpha.3), @nx-extend/strapi (=3.5.2) +6 more potentially affected by CVE-2023-34093 via @strapi/strapi (>=0.0.0-a3ff110fc401ef4fbd6cd90780bf87a83a2cb04b <=4.10.8-exp.0)
@strapi/strapi NPM version =0.0.0-a3ff110fc401ef4fbd6cd90780bf87a83a2cb04b, =1.0.0-alpha.0, =0.0.0-00c0da0e5db43d5de823f6193c9a3fa0dd11a364, =0.0.0-00c0da0e5db43d5de823f6193c9a3fa0dd11a364, =0.0.0-02d487e4eec68a5961817a4f580ffead9a9362f0, =4.10.1-experimental.0 - leimonstrapi2 =4.10.5 -...
@exfabrica/strapi-plugin-awesome-seo (>=1.0.0-beta <=1.0.0-beta.1.2), @mattie-bundle/mattie-strapi-bundle-example (>=1.0.0-alpha.0 <=1.0.0-alpha.3) +54 more potentially affected by CVE-2023-34093 via @strapi/utils (>=0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a <=4.10.8-exp.0)
@strapi/utils NPM version =0.0.0-a230f29587d4a221c9c686ca4e467b3fb465631a, =1.0.0-beta, =1.0.0-alpha.0, =0.1.2, =0.0.0-00a3f69152eb918683ed5c05bfed9c45495c0a87, =0.0.0-experimental.0a47d9bbb261b49ab02af2597ede27b7bdb196f4, =0.0.0-experimental.0a47d9bbb261b49ab02af2597ede27b7bdb196f4,...
CVE-2023-34093
Strapi (open-source CMS) prior to version 4.10.8 is vulnerable to information disclosure due to improper handling of Content-Type attributes. The issue arises from the removal of the privateAttributes getter when users extend or modify content-types, which can cause any attribute to become public...
CVE-2023-34093
creationtimestamp| type| source ---|---|--- 2023-07-25 13:10:08+00:00| published-proof-of-concept| https://github.com/strapi/strapi/security/advisories/GHSA-chmr-rg2f-9jmf 2023-07-25 18:26:56+00:00| seen| https://t.me/cibsecurity/67241...