Information Disclosure

org.springframework.graphql:spring-graphql is vulnerable to Information Disclosure. The vulnerability is due to an issue where an application provides a `DataLoaderOptions` instance when registering b ...

Continue Reading
Distributed Denial Of Service (DDoS)

silverstripe/graphql is vulnerable to Distributed Denial Of Service attacks. The vulnerability is due to publicly exposed graphql schemas because it does not properly validate recursive queries, allow ...

Continue Reading
BIT-gitlab-2020-10978

GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API.Read More ...

Continue Reading
BIT-suitecrm-2023-47643

SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object type ...

Continue Reading
Server side request forgery (ssrf)

Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through...Read More ...

Continue Reading
CVE-2023-23684

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading
Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report

Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management rep ...

Continue Reading
This Week in Spring – September 26th, 2023

Hi, Spring fans! Welcome to another installment of _This Week in Spring_! How are you? It's September 26th, 2023, and I am in sunny Singapore for SpringOne at VMWare Explore Singapore. If you're aroun ...

Continue Reading

Back to Main

Subscribe for the latest news: