CVE-2023-47639 Information

Description

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. From 3.2.0 until 3.2.4 exception messages that are not HTTP exceptions are visible in the JSON error response. This vulnerability is fixed in 3.2.5.

Reference

https://github.com/api-platform/core/commit/ba8a7e6538bccebf14c228e43a9339214c4d9201 https://github.com/api-platform/core/pull/5823 https://github.com/api-platform/core/security/advisories/GHSA-rfw5-cqjj-7v9r