5 matches found
EUVD-2023-2555
Malicious code in bioql PyPI...
CVE-2023-41319 Remote Code Execution in Custom Integration Upload in Fides
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML...
Directory Traversal
ethycafides is vulnerable to Directory Traversal. The vulnerability exists because the directories are not properly restricted which allows a remote attacker to access arbitrary files on the fides webserver container's filesystem...
CVE-2023-36827
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...
PYSEC-2023-107
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...