EUVD-2023-0802

Malicious code in bioql PyPI...

Loft Data Grids - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2024-054

This module provides serialization formats for use by other modules. The module includes a version of phpoffice/phpspreadsheet which has multiple known security vulnerabilities...

infinispan: Credentials returned from configuration as clear text

A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials JDBC store with connection pooling, remote store, the credentials are returned in clear text as part of the configuration...

CVE-2023-25575

API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON...

Design/Logic Flaw

API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON...

CVE-2023-25575 Secured properties in API Platform Core may be accessible within collections

API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON...

api-platform/core's secured properties may be accessible within collections

API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON...

PT-2023-20173 · Unknown · Api Platform Core

Name of the Vulnerable Software and Affected Versions: API Platform Core versions 2.7 through 2.7.9 API Platform Core versions 3.0 through 3.0.11 API Platform Core versions 3.0.12 is not affected, versions 3.1 through 3.1.2 Description: Resource properties secured with the security option of the...

[SECURITY] Fedora 35 Update: golang-github-gogo-protobuf-1.3.2-5.fc35

Gogoprotobuf is a fork of golang/protobuf with extra code generation features. This code generation is used to achieve: - fast marshalling and unmarshalling - more canonical Go structures - goprotobuf compatibility - less typing by optionally generating extra helper code - peace of mind by...