API - API Security Blog

BIT-hubble-2023-34242

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in wh ...

June 04, 2024

BIT-hubble-2022-29178

Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorr ...

June 04, 2024

Argo CD’s API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd/v2

Argo CD's API server does not enforce project sourceNamespaces in...Read More ...

June 04, 2024

Pebble service manager’s file pull API allows access by any user in github.com/canonical/pebble

Pebble service manager's file pull API allows access by any user in...Read More ...

June 04, 2024

Server/API for Vela Insecure Variable Substitution in github.com/go-vela/server

Server/API for Vela Insecure Variable Substitution in...Read More ...

June 04, 2024

TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats

Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environ ...

June 04, 2024

Microweber < 1.2.11 – CRLF Injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to...Read More ...

June 04, 2024

(RHSA-2024:3580) Moderate: Red Hat JBoss Enterprise Application Platform 8.0.2 Security update

Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.2 serves ...

June 04, 2024