A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifier ...
Continue Reading06 июня, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading03 июня, 2022
### Impact The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...
Continue Reading03 июня, 2022
Hi, Spring fans! In thi^^^ these installments, we begin a new series introducing the Spring for GraphQL project. In this first installment, GraphQL Java lead [Andi Marek (@andimarek)]() and [ I (@sta ...
Continue Reading02 июня, 2022
The WPGraphQL WordPress plugin before 0.3.5 doesn't properly restrict access to information about other users' roles on the affected site. Because of this, a remote attacker could forge a GraphQL quer ...
Continue Reading30 мая, 2022
Gitlab reports: Runner registration token disclosure through Quick Actions Unprivileged users can add other users to groups through an API endpoint Inaccurate display of Snippet contents can be potent ...
Continue Reading30 мая, 2022
At GitHub, we believe in providing developer-first experiences to help you keep your code secure. Since we launched Dependabot alerts nearly four years ago, weve alerted users on over 425 million po ...
Continue Reading30 мая, 2022
**Introduction** The interest for network security occupations is soaring, but the arrangement is at an incredible insufficient. Experts anticipate a 2021 increment of 3,500,000 empty web-based securi ...
Continue Reading30 мая, 2022
Back to Main