VYPR
Medium severity6.5NVD Advisory· Published Jun 3, 2022· Updated Jun 17, 2026

CVE-2022-29773

CVE-2022-29773

Description

An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aleksis-corePyPI
< 2.92.9

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.