This module lets you craft and expose a GraphQL schema for Drupal 9 and 10. The module currently does not adequately verify whether a given user has the necessary permissions to access an entity's lab ...
Continue Reading
December 15, 2023
### Impact An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack (DDOS attack) against a website. This mostly affects websites with publicly exposed graphql ...
Continue Reading
December 15, 2023
SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object type ...
Continue Reading
December 15, 2023
Summary IBM Edge Application Manager 4.5.3 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is vulnerable to cross- ...
Continue Reading
December 15, 2023
graphql is vulnerable to Denial Of Service. The vulnerability is due to an insufficient check/comparison between `node1` and `node2` in the `OverlappingFieldsCanBeMergedRule.ts` file. This can result ...
Continue Reading
December 15, 2023
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...
Continue Reading
December 15, 2023
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL api allowed a maintainer to delete a repository.Read More ...
Continue Reading
December 15, 2023
### Impact An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack (DDOS attack) against a website. This mostly affects websites with publicly exposed graphql ...
Continue Reading
December 15, 2023
Back to Main
