Security Bulletin: Vulnerability in GraphQL Java may affect IBM Robotic Process Automation and result in a denial of service (CVE-2022-37734)

## Summary There is a vulnerability in the Java used by IBM Robotic Process Automation as part of its infrastructure, license management and UMS which may result in a denial of service. (CVE-2022-377 ...

CVSS3 - HIGH

Security Bulletin: FileNet Content Manager GraphQL jackson-databind security vulnerabilities, affected but not vulnerable

## Summary FileNet Content Manager GraphQL jackson-databind security vulnerabilities CVE-2022-42003 and CVE-2022-42004, affected but not vulnerable ## Vulnerability Details **CVEID:** [CVE-2022-42003 ...

CVSS3 - HIGH

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Cloud Pak System (CVE-2022-37734)

## Summary Vulnerability has been identified in WebSphere Application Server Liberty shipped with Cloud Pak System. Information about vulnerability has been published in security bulletin. ## Vulnerab ...

CVSS3 - HIGH

Security Bulletin: Liberty is vulnerable to denial of service due to GraphQL Java affecting IBM TXSeries for Multiplatforms

## Summary Liberty is vulnerable to a denial of service due to GraphQL Java (mpGraphQL-1.0 or mpGraphQL-2.0) caused by an uncontrolled resource consumption flaw. This affects WebSphere Application Ser ...

CVSS3 - HIGH

HackerOne: Private information exposed through GraphQL search endpoints aggregates

**Summary:** Private information can be exposed using `aggs` argument on the `search` and `opportunities_search` endpoints on the GraphQL root node. **Description:** When using the `aggs` argument a ...

CVE-2023-22491

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to ...

Denial Of Service (DoS)

mercurius is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause an application crash via sending a malformed packet over `WebSocket` to `/graphql` resulting in Denial of ...

CVSS3 - HIGH

CVE-2022-23739

An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. This vulnerability allowed an app i ...
