API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed i ...
Continue Reading
April 04, 2025
Original message: I found an issue with security grants on on properties in the GraphQL ItemNormalizer: If you use something like #[ApiProperty(security: 'is_granted("PROPERTY_READ&q ...
Continue Reading
April 04, 2025
Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: ```php ...
Continue Reading
April 04, 2025
Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: ```php ...
Continue Reading
April 04, 2025
Original message: I found an issue with security grants on on properties in the GraphQL ItemNormalizer: If you use something like #[ApiProperty(security: 'is_granted("PROPERTY_READ&q ...
Continue Reading
April 04, 2025
Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: ```php ...
Continue Reading
April 04, 2025
Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: ```php ...
Continue Reading
April 04, 2025
Original message: I found an issue with security grants on on properties in the GraphQL ItemNormalizer: If you use something like #[ApiProperty(security: 'is_granted("PROPERTY_READ&q ...
Continue Reading
April 04, 2025
Back to Main
