VYPR

Elide

by Yahoo

CVEs (2)

  • CVE-2022-24827Apr 11, 2022
    risk 0.00cvss epss 0.01

    Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Data Store for Analytic Queries, Parameterized Columns (A column that requires a client provided parameter), and a…

  • CVE-2020-5289Mar 30, 2020
    risk 0.00cvss epss 0.01

    In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. The adversary can construct filter expressions for an inaccessible field to filter a…