98 matches found
PT-2026-46233
🔒 API Platform CVE-2026-49858: JSON:API & HAL normalizers cached components across users on long-running runtimes FrankenPHP, RoadRunner, Swoole. Patched in 4.1.29 / 4.2.25 / 4.3.8 — upgrade now. https://t.co/1oIPjtQjqB...
CVE-2026-9808
An authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints utilizing API Platform. Under certain conditions, roles configured with owner-scope restrictions such as viewown or editown are not properly enforced. This allows low-privilege authenticated API users to bypass...
CVE-2025-23204
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Starting in version 3.3.8, a security check that gets called after GraphQl resolvers is always replaced by another one as there's no break in a clause. As this falls back to security, the impact is there only when...
EUVD-2019-0695
Malware in sbrugna...
EUVD-2023-0802
Malicious code in bioql PyPI...
EUVD-2024-32497
Malicious code in bioql PyPI...
EUVD-2025-7991
Malicious code in bioql PyPI...
EUVD-2025-9735
Malicious code in bioql PyPI...
EUVD-2025-9737
Malicious code in bioql PyPI...
EUVD-2024-27740
Malicious code in bioql PyPI...
EUVD-2024-46488
Malicious code in bioql PyPI...
EUVD-2024-47149
Malicious code in bioql PyPI...
CVE-2025-53673
Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
Jenkins Sensedia API Platform Plugin vulnerability exposes unencrypted tokens in its global configuration file
Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file com.sensedia.configuration.SensediaApiConfiguration.xml on the Jenkins controller as part of its configuration. This token can be viewed by users with acce...
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the global configuration form where the integration token is not properly masked. An attacker can obtain sensitive authentication credentials by viewing the configuration interface. Remediation...
CVE-2025-53674
Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2025-53673
Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
PT-2025-28926 · Jenkins · Jenkins Sensedia Api Platform Tools Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0 Description: The Jenkins Sensedia Api Platform Tools Plugin does not mask the Sensedia API Manager integration token on the global configuration form, potentially allowing attackers to...
PT-2025-28925 · Jenkins · Jenkins Sensedia Api Platform Tools Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0 Description: The Jenkins Sensedia Api Platform Tools Plugin stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller. This...
Jenkins plugin Sensedia Api Platform tools 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...