Yahoo Elide
3 CVEs affecting Yahoo Elide. Latest disclosed: 2026-06-29. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-24827 | High | 8.1 | 2022-04-11 | Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Da… |
CVE-2020-5289 | Medium | 6.8 | 2020-03-30 | In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at le… |
CVE-2026-57954 | Medium | 4.3 | 2026-06-29 | Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort colle… |