GHSA-32rx-xvvr-4xv9: easyadmin-extension-bundle action case insensitivity
In alterphp/easyadmin-extension-bundle, role-based access rules do not handle action name case sensitivity, which may lead to unauthorized access.
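The class of flaw described above, as an added illustration that is not code from the bundle or from the fixing commit: a role lookup that compares action names by exact case, placed next to a dispatcher that does not. It assumes actions are dispatched to PHP methods, whose names PHP resolves case-insensitively; the controller, role map and function names are hypothetical.

```php
<?php
// Added illustration; class, function and role names are hypothetical,
// not taken from EasyAdminExtensionBundle.

final class AdminController
{
    public function listAction(): string   { return 'list rendered'; }
    public function deleteAction(): string { return 'entity deleted'; }
}

// Constructed access rules: action name => role required to run it.
const REQUIRED_ROLES = ['list' => 'ROLE_USER', 'delete' => 'ROLE_ADMIN'];

// Weak check: exact-case lookup. An action spelled in another case matches
// no rule and is treated as unrestricted.
function isGrantedWeak(string $action, array $userRoles): bool
{
    $required = REQUIRED_ROLES[$action] ?? null;
    return $required === null || in_array($required, $userRoles, true);
}

// Hardened check: normalise the name before lookup, and deny any action
// that has no rule instead of allowing it by default.
function isGrantedStrict(string $action, array $userRoles): bool
{
    $required = REQUIRED_ROLES[strtolower($action)] ?? null;
    return $required !== null && in_array($required, $userRoles, true);
}

function dispatch(callable $isGranted, string $action, array $userRoles): string
{
    if (!$isGranted($action, $userRoles)) {
        return 'denied';
    }
    $method = $action . 'Action';
    $controller = new AdminController();
    // PHP method names are case-insensitive, so the access check and the
    // dispatcher can disagree about which action was requested.
    return method_exists($controller, $method) ? $controller->$method() : 'not found';
}

// Compare both checks for a user holding only ROLE_USER.
foreach (['delete', 'DELETE', 'Delete'] as $action) {
    printf("%-7s weak=%-15s strict=%s\n", $action,
        dispatch('isGrantedWeak', $action, ['ROLE_USER']),
        dispatch('isGrantedStrict', $action, ['ROLE_USER']));
}
```

The same normalisation has to be applied wherever an action name is compared against a rule, and default-deny keeps an unmatched name from falling through as unrestricted.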
References
- github.com/FriendsOfPHP/security-advisories/blob/master/alterphp/easyadmin-extension-bundle/2018-10-02.yaml
- github.com/advisories/GHSA-32rx-xvvr-4xv9
- github.com/alterphp/EasyAdminExtensionBundle/commit/68407ca5be644d1c53fb894453df951230afc6dc
- github.com/alterphp/EasyAdminExtensionBundle/releases/tag/v1.3.1