Technical advisories

This section contains technical advisories, security bulletins, and other important and timely information related to Ed-Fi offerings.

The following list is sorted with the latest advisory at the top.

• Advisory: Implementation Error When Using Profiles with Multi-Tenant Deployments - February, 2025
• Advisory: String Validation Divergence - June, 2024
• Advisory: Microsoft SqlClient Vulnerability - February, 2024
• Advisory: Potential for Broken Authorization When Using Admin App or Admin API - November, 2023
• Advisory: ReadChanges action grants access to Read and Update actions - July, 2023
• Advisory: Non-Enforcement of Profile Usage - March, 2023
• Advisory: Swagger UI XSS Vulnerability - August, 2022
• Advisory: API Case Sensitivity Issue - April, 2022
• Advisory: Analysis of the Log4j Vulnerability - December, 2021