236 matches found
PT-2026-37261
Name of the Vulnerable Software and Affected Versions Fides versions 2.75.0 through 2.83.1 Description Deployments that enable both subject identity verification and duplicate privacy request detection are susceptible to an issue where an administrator can approve a privacy request without the...
CVE-2024-34715
Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as @ and $, webserver...
-fides-amor-et-lux (=1.0.0), -tompan-reacttemplate (>=1.0.1 <=1.1.0) +41716 more potentially affected by CVE-2025-66031 via node-forge (>=0.10.0 <=1.3.1)
node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...
-fides-amor-et-lux (=1.0.0), -tompan-reacttemplate (>=1.0.1 <=1.1.0) +41716 more potentially affected by CVE-2025-12816 via node-forge (>=0.10.0 <=1.3.1)
node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...
Improper Session Invalidation
ethycafides is vulnerable to improper session invalidation. The vulnerability is due to active user sessions not being invalidated after an admin UI password change, which allows an attacker with previously obtained session tokens to maintain unauthorized access even after a password reset...
Improper Authorization
ethycafides is vulnerable to improper authorization. The vulnerability is due to insufficient scope validation in the OAuth client creation and update endpoints, which allows an attacker or a highly privileged user to escalate privileges to owner-level...
EUVD-2025-27268
Malicious code in bioql PyPI...
EUVD-2023-2057
Malicious code in bioql PyPI...
EUVD-2025-27264
Malicious code in bioql PyPI...
EUVD-2023-2555
Malicious code in bioql PyPI...
EUVD-2024-2694
Malicious code in bioql PyPI...
EUVD-2024-2766
Malicious code in bioql PyPI...
EUVD-2023-2765
Malicious code in bioql PyPI...
EUVD-2025-29103
Malicious code in bioql PyPI...
EUVD-2025-27262
Malicious code in bioql PyPI...
EUVD-2024-1520
Malicious code in bioql PyPI...
EUVD-2024-2158
Malicious code in bioql PyPI...
EUVD-2023-1942
Malicious code in bioql PyPI...
EUVD-2023-0074
Malicious code in bioql PyPI...
EUVD-2024-2256
Malicious code in bioql PyPI...