(RHSA-2020:5634) Moderate: OpenShift Container Platform 4.7.0 packages security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages ...

Continue Reading
CVE-2021-28682

A flaw was found in envoyproxy/envoy. An attacker, able to craft a packet which specifies a large grpc-timeout, can potentially cause envoy to incorrectly calculate the timeouts resulting in a denial ...

Continue Reading
What does Zero Trust mean for API security?

The old mentality of building a moat around important assets and trusting anyone or anything that is already inside the castle perimeter has failed us. Attackers have developed many techniques to jump ...

Continue Reading
Prototype pollution in grpc and @grpc/grpc-js

"The package grpc before 1.24.4 and the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition."Read More ...

Continue Reading
Prototype pollution in grpc and @grpc/grpc-js

"The package grpc before 1.24.4 and the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition."Read More ...

Continue Reading
Prototype Pollution

## Overview "The package `grpc` before 1.24.4 and the package `@grpc/grpc-js` before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition." ## Recommendation Upgrade to version 1.1.8 ...

Continue Reading
Prototype Pollution in grpc/grpc-node

# Description `grpc` native core package is vulnerable to `Prototype Pollution`. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. # Pro ...

Continue Reading
Exploit for SQL Injection in Apache Skywalking

Apache SkyWalking ========== Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: