Security Advisories - api-platform/core - Packagist

api-platform/core Security Advisories for v3.2.0-alpha.1 (3)

[HIGH] GraphQL grant on a property might be cached with different objects

PKSA-gs8r-6kz6-pp56 CVE-2025-31485 GHSA-428q-q3vv-3fq3

Affected version: >=4.0.0-alpha.1,<4.0.22|<3.4.17

Reported by:
GitHub
[HIGH] GraphQL query operations security can be bypassed

PKSA-gnn4-pxdg-q76m CVE-2025-31481 GHSA-cg3c-245w-728m

Affected version: <3.4.17|>=4.0.0-alpha.1,<4.0.22

Reported by:
GitHub
[MEDIUM] API Platform Core can leak exceptions message that may contain sensitive information

PKSA-q2bp-c9gn-wy37 CVE-2023-47639 GHSA-rfw5-cqjj-7v9r

Affected version: >=3.2.0,<3.2.5

Reported by:
GitHub