Vulnerabilities > Ethyca > Fides > 1.9.0

DATE CVE VULNERABILITY TITLE RISK
2023-11-15 CVE-2023-48224 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ethyca Fides
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code.
network
low complexity
ethyca CWE-338
critical
 9.1
9.1
2023-10-25 CVE-2023-46124 Server-Side Request Forgery (SSRF) vulnerability in Ethyca Fides
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, and the enforcement of privacy regulations in code.
network
low complexity
ethyca CWE-918
7.2
7.2
2023-10-25 CVE-2023-46125 Incorrect Authorization vulnerability in Ethyca Fides
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code.
network
low complexity
ethyca CWE-863
6.5
6.5
2023-10-25 CVE-2023-46126 Cross-site Scripting vulnerability in Ethyca Fides
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code.
network
low complexity
ethyca CWE-79
5.4
5.4