### Summary CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Access to information you should not have access to when the permissions rely on `$CURRENT_USER` for filtering. ### Deta ...
July 26, 2023
# CVE-2021-4191 - GitLab User Enumeration GitLab is a widely-us...
July 22, 2023
This release of Red Hat Integration - Service Registry 2.4.3 GA includes the following security fixes. Security Fix(es): * keycloak: path traversal via double URL encoding (CVE-2022-3782) * jackson-da ...
July 14, 2023
This release of Red Hat build of Quarkus 2.13.8 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Security Fixe ...
July 14, 2023
### Impact Vendure is an e-commerce GraphQL framework with a number of APIs and different levels of authorization. By default the Cookie settings are insecure, having the SameSite setting as false whi ...
July 11, 2023
# Description Mutations are `saveRecord` or `createProcess` queries used in GraphQL. SuiteCRM prevents CSRF in this functionality by sending a POST request with an X-Xsrf-Token header. The bug here is ...
July 11, 2023