CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/05/22 9:35 p.m.•6 views

CVE-2021-43781

Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...

6.4CVSS6.6AI score0.00662EPSS

Exploits1

OSV•added 2021/12/06 11:57 p.m.•30 views

GHSA-XR38-W74Q-R8JV Permissions not properly checked in Invenio-Drafts-Resources

Impact Invenio-Drafts-Resources does not properly check permissions when a record is published. The vulnerability is exploitable in a default installation of InvenioRDM. An authenticated user is able via REST API calls to publish draft records of other users if they know the record identifier and...

6.4CVSS5.3AI score0.00662EPSS

Exploits1References5

Github Security Blog•added 2021/12/06 11:57 p.m.•32 views

Permissions not properly checked in Invenio-Drafts-Resources

6.4CVSS0.4AI score0.00662EPSS

Exploits1References6Affected Software3

PyPA•added 2021/12/06 6:15 p.m.•6 views

PYSEC-2021-837

6.4CVSS7AI score0.00662EPSS

Exploits1References2Affected Software1

PyPA•added 2021/12/06 6:15 p.m.•6 views

PYSEC-2021-836

6.4CVSS7AI score0.00662EPSS

Exploits1References2Affected Software1

OSV•added 2021/12/06 6:15 p.m.•22 views

PYSEC-2021-838

6.4CVSS3.7AI score0.00662EPSS

Exploits1References2

OSV•added 2021/12/06 6:15 p.m.•25 views

PYSEC-2021-836

6.4CVSS3.7AI score0.00662EPSS

Exploits1References2

Cvelist•added 2021/12/06 5:45 p.m.•16 views

CVE-2021-43781 Permissions not properly checked in Invenio-Drafts-Resources

6.4CVSS6.5AI score0.00662EPSS

Exploits1References2

CVE•added 2021/12/06 5:45 p.m.•59 views

CVE-2021-43781

CVE-2021-43781 concerns Invenio-Drafts-Resources. The issue: versions prior to 0.13.7 and 0.14.6 fail to enforce permissions when publishing a record, allowing an authenticated user to publish draft records belonging to others via REST API if the record ID is known and the draft passes validation...

6.4CVSS4.6AI score0.00662EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/12/06 12:0 a.m.•5 views

Invenio-Drafts-Resources 安全漏洞

Invenio-Drafts-Resources is a submission/deposit module for Invenio. It is used for research data management. A security vulnerability exists in Invenio-Drafts-Resources versions prior to 0.13.7 and 0.14.6, which stems from a failure to properly check permissions in the affected product. The...

6.4CVSS5.7AI score0.00662EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by