3 matches found
GHSA-QX5F-GHC2-7G5C Ethyca Fides has a Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection
Summary Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was never verified. For erasure policies, this can result in unauthorized deletio...
Ethyca Fides has a Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection
Summary Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was never verified. For erasure policies, this can result in unauthorized deletio...
lethe-bremen.de Improper Access Control vulnerability OBB-2423094
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...