
CVE-2022-25650

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.27), Mendix Applications using Mendix 8 (All versions < V8.18.14), Mendix Applications using Mendix 9 (All versions < V9.12.0), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.3). When querying the database, it is possible to sort the results using a protected field. With this, an authenticated attacker could extract information about the contents of a protected field.

