API - API Security Blog

Updated docker-containerd packages fix security vulnerability

A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the 'ExecSync' API. (CVE-2 ...

13 июня, 2022

Vulners Linux Audit API: Security Bulletin Publication Dates in Results

Hello everyone! In this short episode, I want to talk about the new feature in Vulners Linux API. Alternative video link (for Russia): Linux security bulletin publication dates are now included in sc ...

13 июня, 2022

Apache Airflow < 1.10.11 Multiple Vulnerabilities

The version of Apache Airflow is prior to 1.10.11. It is, therefore, affected by multiple vulnerabilities, including the following: - An issue was found in Apache Airflow versions 1.10.10 and below. ...

13 июня, 2022

Debian DSA-5162-1 : containerd – security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5162 advisory. - Moby is an open-source project created by Docker to enable an ...

13 июня, 2022

RST Threat feed. IOC: https://service-0g5r1jl1-1308244004.sh.apigw.tencentcs.com/api/x

Found **https://service-0g5r1jl1-1308244004[.]sh.apigw.tencentcs....Read More ...

13 июня, 2022

CVE-2022-1656

Vulnerable versions of the JupiterX Theme (Read More ...

13 июня, 2022

CVE-2022-31041

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensi ...

13 июня, 2022

CVE-2022-1772

The Google Places Reviews WordPress plugin before 2.0.0 does not properly escape its Google API key setting, which is reflected on the site's administration panel. A malicious administrator could abus ...

13 июня, 2022