aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates ...
December 21, 2022
apiman-manager-api-rest-impl is vulnerable to authorization bypass. The vulnerability exists due to insufficient checks for read permissions which allows an attacker to access information and resource ...
December 21, 2022
SnakeYAML features: * a complete YAML 1.1 parser. In particular, SnakeYAML can parse all examples from the specification. * Unicode support including UTF-8/UTF-16 input/output. * hig ...
December 21, 2022
SnakeYAML features: * a complete YAML 1.1 parser. In particular, SnakeYAML can parse all examples from the specification. * Unicode support including UTF-8/UTF-16 input/output. * hig ...
December 21, 2022
An SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that ...
December 21, 2022
In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would be provided by the server. Of course, this is not a ...
December 21, 2022
Talos Vulnerability Report TALOS-2022-1624: Ghost unauthorized newsletter modification vulnerability. December 28, 2022. CVE Number: CVE-2022-41654. Summary: An authentication byp ...
December 21, 2022
Summary: GraphQL has a Denial of Service security vulnerability CVE-2022-37734 in GraphQL-java. Vulnerability Details: CVEID: CVE-2022-37734. DESCRIPTION: GraphQL Java is vulnerable to ...
December 20, 2022