FreeBSD : Gitlab — Multiple Vulnerabilities (43f84437-73ab-11ec-a587-001b217b3468)

The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 43f84437-73ab-11ec-a587-001b217b3468 advisor ...

Shopify: Staff can create workflows in Shopify Admin without apps permission

## Summary: [add summary of the vulnerability] According to publicly available docs, Flow can be accessed in two ways. 1. through the Shopify organization admin (Shopify plus) 2. by installing the Sho ...

CVE-2021-4191

An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumerat ...


CVSS3 - MEDIUM

CVSS2 - MEDIUM

graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources

graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4. ...


CVSS3 - HIGH

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

## Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. This has been addressed. ## Vu ...


CVSS3 - HIGH

CVSS2 - MEDIUM

Using Spring for GraphQL with Spring Data Neo4j

## Introduction _This is a guest blog post by Gerrit Meier from Neo4j who maintain(s) the Spring Data Neo4j module._ A few weeks ago version 1.2.0 of Spring (for) GraphQL was released with a b ...

GraphQL vs gRPC: Which One Creates More Secure APIs?

Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API framewo ...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

## Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867) ## Vulnerability Deta ...


CVSS3 - HIGH

CVSS2 - MEDIUM
