4 matches found
CVE-2024-9202
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which datasets = data offers another party can see in a requested catalog, to ensure that only authorized parties are able to view restricted offers. However, there is the possibility to request a single...
CVE-2024-9202
In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which datasets = data offers another party can see in a requested catalog, to ensure that only authorized parties are able to view restricted offers. However, there is the possibility to request a single...
CVE-2024-9202
CVE-2024-9202 affects Eclipse Dataspace Components versions 0.1.3–0.9.0. The Connector’s catalog filtering fails for single-dataset requests, potentially allowing unauthorized parties to view restricted datasets. The issue stems from missing filtering in the DatasetResolverImpl (lines 76–79). Exp...
PT-2024-39485 · Eclipse · Eclipse Dataspace Components
Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.1.3 through 0.9.0 Description: The issue concerns the Connector component in Eclipse Dataspace Components, which is responsible for filtering datasets that another party can see in a requested catalog...