2 matches found
CVE-2024-52313
creationtimestamp| type| source ---|---|--- 2024-11-09 03:14:57+00:00| seen| https://t.me/cvedetector/10250...
CVE-2024-52313 data.all authenticated users can obtain incorrect object level authorizations
An authenticated data.all user is able to manipulate a getDataset query to fetch additional information regarding the parent Environment resource that the user otherwise would not able to fetch by directly querying the object via getEnvironment in data.all...