API – API Security Blog

CVE-2022-1902

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifier ...

July 07, 2022

Over 1200 NPM Packages Found Involved in “CuteBoi” Cryptomining Campaign

[![Cryptomining Campaign](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEioLnI5GJVBjf2gAlNTzybqBLOGGDnCIWMdJYNx0XKE51JZxaHyLlbR7Vq8ugV69jn3p824ifRfpcDPcm8NI7yTkd1csM1qM8He1xdlL09vugyzVkNLOq ...

July 07, 2022

CrackQL – GraphQL Password Brute-Force And Fuzzing Utility

# [![](https://blogger.googleusercontent.com/img/a/AVvXsEgFVmUBDDQP3wgV0lUmJmRUSok2fYnB37fNyhLnV3C8p8Czy16AMK-Hkmphu1P4SeiCvxovoJkYHGGBn1ar-62RvfG9RC0LUMrffJsBuWxpTFlglUB_2bqsKXqfD-sB6gsNxDv-jw2Lnf5uR ...

July 06, 2022

libgcrypt security update

[ 1.8.5-7_fips] - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations [Orabug: 33081130] - Change Epoch from 1 to 10 [1.8.5-7] - Fix CVE-2021-33560 (#2018525)Read More ...

July 06, 2022

Atlassian Jira < 8.13.18 / 8.14.x < 8.20.6 / 8.21.x < 8.22.0 (JRASERVER-73595)

The version of Atlassian Jira installed on the remote host is prior to Read More ...

July 06, 2022

DOS and excessive memory usage when passing untrusted user input to to dag import

### Impact go-ipfs nodes crash when trying to import certain malformed CAR files due to an issue in the go-car dependency. This impacts nodes running `ipfs dag import` on untrusted user inputs, for ex ...

July 06, 2022

CVE-2022-20791

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

July 06, 2022

CVE-2022-20812

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

July 06, 2022