Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:39516
HistoryMar 04, 2023 - 9:57 p.m.

Information Disclosure

2023-03-0421:57:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
information disclosure
api-platform
core
vulnerability
resource properties
metadata
apiproperty
attribute
security option
apiplatform
bug
unauthorized users
authorized users

0.001 Low

EPSS

Percentile

27.8%

JSON

api-platform/core is vulnerable to Information Disclosure. Resource properties secured with the security option in the ApiPlatform\Metadata\ApiProperty attribute could be disclosed to unauthorized users when the option depends on the value of a property of the item. This bug can also hide properties that should be displayed to authorized users.

Related

osv 2
cvelist 1
friendsofphp 1
prion 1
gitlab 1
github 1
cve 1
nvd 1
osv
osv
CVE-2023-25575
2023-02-28 23:15:11
api-platform/core's secured properties may be accessible within collections
2023-02-28 23:25:54
cvelist
cvelist
CVE-2023-25575 Secured properties in API Platform Core may be accessible within collections
2023-02-28 22:21:48
friendsofphp
friendsofphp
CVE-2023-25575: Secured properties may be accessible within collections
2023-02-28 10:37:00
prion
prion
Design/Logic Flaw
2023-02-28 23:15:00
gitlab
gitlab
api-platform/core's secured properties may be accessible within collections
2023-02-28 00:00:00
github
github
api-platform/core's secured properties may be accessible within collections
2023-02-28 23:25:54
cve
cve
CVE-2023-25575
2023-02-28 23:15:11
nvd
nvd
CVE-2023-25575
2023-02-28 23:15:11

0.001 Low

EPSS

Percentile

27.8%

JSON
Related for VERACODE:39516
osv2cvelist1friendsofphp1prion1gitlab1github1cve1nvd1