Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/07 5:3 p.m.19 views

CVE-2025-49009

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...

6.2CVSS6.2AI score0.00145EPSS
Exploits0References1
NVD
NVD
added 2025/06/05 5:15 p.m.15 views

CVE-2025-49009

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...

6.2CVSS0.00145EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/05 4:40 p.m.4 views

CVE-2025-49009 Para Inserts Sensitive Information into Log File for Facebook authentication

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...

6.2CVSS7.1AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 2025/06/05 4:40 p.m.64 views

CVE-2025-49009

Para’s CVE-2025-49009 affects the Para server (Facebook authentication flow) via FacebookAuthFilter.java, where a failed request to Facebook’s profile endpoint logs the full URL including the user’s access token in plaintext. The issue exists in versions prior to 1.50.8 and is mitigated by upgrad...

6.2CVSS6.3AI score0.00145EPSS
Exploits0References2
Rows per page
Query Builder