6 matches found
GHSA-WWXH-74FX-33C6 Possible prototype pollution in metadata record, when using meta decorator
Impact Possible prototype pollution for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The likelihood is questionable, given that a class' metadata can only be set or altered when the class is decorated via meta. Furthermore...
CVE-2014-2521
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command...
CVE-2014-2521
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command...
CVE-2014-2521
CVE-2014-2521 affects EMC Documentum Content Server versions 6.7 SP2 P16 and 7.x prior to 7.1 P07. The vulnerability stems from improper authorization checks on certain RPC commands, allowing remote authenticated users to read sensitive object metadata. Impact is read access to metadata of unauth...
CVE-2013-0305
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information...
CVE-2013-0305
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information...