Lucene search
+L

5 matches found

github
github
added 2026/06/05 4:3 p.m.14 views

NocoDB: Hidden Column Exposure in Public Shared View Endpoints

Summary Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on hidden columns enabling boolean-blind extraction, and the related-data...

6.9CVSS5.6AI score0.00239EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/06/05 4:3 p.m.14 views

GHSA-4W6R-5C2J-QF5F NocoDB: Hidden Column Exposure in Public Shared View Endpoints

Summary Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on hidden columns enabling boolean-blind extraction, and the related-data...

6.9CVSS5.6AI score0.00239EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.15 views

PT-2026-46996

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description Public shared-view endpoints expose values from columns that the view owner had hidden through three independent paths. First, the groupBy function returns raw values for any column named in the...

6.9CVSS5.9AI score0.00239EPSS
Exploits0References6
osv
osv
added 2026/04/03 1:27 p.m.5 views

JLSEC-2026-34

An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. A...

4.3CVSS7.2AI score0.01187EPSS
Exploits2References6
osv
osv
added 2021/02/23 6:15 p.m.2 views

DEBIAN-CVE-2021-20229

A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality...

4.3CVSS6.2AI score0.01466EPSS
Exploits0References1
Rows per page
Query Builder