exploitDog

GHSA-mhh7-364w-v3ph

Опубликовано: 31 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)

The VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)

Ссылки

EPSS

Процентиль: 30%

0.00109

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2023-28877

CVSS3: 7.5

nvd

почти 3 года назад

The VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)

EPSS

Процентиль: 30%

0.00109

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284