Home > Vulnerability Database > CVE-2023-47639

Mend.io Vulnerability Database

CVE-2023-47639

Good to know:

Date: April 3, 2025

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4, exception messages, that are not HTTP exceptions, are visible in the JSON error response. This vulnerability is fixed in 3.2.5.

Severity Score

5.3

Related Resources (6)

Url: https://github.com/api-platform/core/security/advisories/GHSA-rfw5-cqjj-7v9r

Url: https://github.com/api-platform/core/pull/5823

Url: https://github.com/api-platform/core

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-47639

Url: https://github.com/api-platform/core/commit/ba8a7e6538bccebf14c228e43a9339214c4d9201

Url: https://www.mend.io/vulnerability-database/CVE-2023-47639

Severity Score

5.3

Weakness Type (CWE)

Generation of Error Message Containing Sensitive Information

CWE-209

Top Fix

Upgrade Version

Upgrade to version https://github.com/api-platform/core.git - v3.2.5

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-47639

Good to know:

Date: April 3, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?