98 matches found
CVE-2024-5250
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...
CVE-2024-5249
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...
CVE-2024-3930
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity XXE was discovered...
CVE-2024-3930
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity XXE was discovered...
CVE-2024-3930 XML External Entity in Akana
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity XXE was discovered...
CVE-2024-3930 XML External Entity in Akana
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity XXE was discovered...
CVE-2024-3930
CVE-2024-3930 is an XML External Entity (XXE) vulnerability in Akana API Platform prior to 2024.1.0. The NVD entry cites CVSS v3.1: Base score 9.8 (CRITICAL) with network attack vector, no privileges or user interaction required, and impacts to confidentiality, integrity, and availability. Other ...
CVE-2024-5250 Overly Verbose Errors in SAML Integration
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...
CVE-2024-5250
CVE-2024-5250 affects Akana API Platform versions prior to 2024.1.0, where SAML integration error messages are overly verbose. The issue is documented across multiple feeds (NVD/Red Hat/Son to ENISA and PT Security) and centers on verbose SAML error reporting rather than a runtime compromise vect...
CVE-2024-5249 SAML Replay in Akana
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...
CVE-2024-5249
CVE-2024-5249 affects Akana API Platform versions prior to 2024.1.0. The vulnerability allows SAML tokens to be replayed, which can enable an unauthorized party to reuse previously valid tokens. Public documentation across multiple sources confirms affected product/version and its remediation: up...
CVE-2024-5249 SAML Replay in Akana
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...
Akana API Platform 安全漏洞
Akana API Platform is one of Akana's easiest ways to accelerate your organization's digital transformation. A security vulnerability exists in Akana API Platform versions prior to 2024.1.0 that stems from SAML tokens that can be replayed...
PT-2024-35341 · Akana · Akana Api Platform
Name of the Vulnerable Software and Affected Versions: Akana API Platform versions prior to 2024.1.0 Description: The issue concerns overly verbose errors found in SAML integrations. Recommendations: For versions prior to 2024.1.0, update to version 2024.1.0 or later to resolve the issue...
Akana API Platform 安全漏洞
Akana API Platform is one of Akana's easiest ways to accelerate your organization's digital transformation. A security vulnerability exists in Akana API Platform versions prior to 2024.1.0 that stems from overly lengthy errors that can be found in SAML integrations...
Akana API Platform 代码问题漏洞
Akana API Platform is one of Akana's easiest ways to accelerate digital transformation in your organization. A code issue vulnerability exists in Akana API Platform versions prior to 2024.1.0 that stems from the presence of XML External Entity XXE injection...
PT-2024-22164 · Akana · Akana Api Platform +1
Name of the Vulnerable Software and Affected Versions: Akana API Platform versions prior to and including 2022.1.3 Akana Community Manager Developer Portal versions prior to and including 2022.1.3 Description: A server-side request forgery SSRF issue was discovered. This issue allows an attacker ...
Akana API Platform 安全漏洞
Akana API Platform is one of Akana's easiest ways to accelerate the digital transformation of your organization. A security vulnerability exists in Akana API Platform version 2022.1.3 and earlier, which stems from the presence of a Server Request Forgery SSRF vulnerability...
API Security in 2023: Major Insights from Postman’s State of the API Report
📣 Good news for all tech enthusiasts! The highly anticipated 2023 State of the API Report, conducted by Postman - one of the leading dev tools for building APIs, is now available. This comprehensive report, produced annually, is backed by an extensive survey and offers a deep dive into the...
Information Disclosure
api-platform/core is vulnerable to Information Disclosure. Resource properties secured with the security option in the ApiPlatform\Metadata\ApiProperty attribute could be disclosed to unauthorized users when the option depends on the value of a property of the item. This bug can also hide...