Stolen and compromised credentials are the number one cause of data breaches across the industry. GitHub has a long history of protecting developers and enterprises from such threats with security eff ...
October 18, 2022
WAFs were a top-notch security instrument a decade ago, but now they are not. They fail to protect APIs. Meanwhile, the number of API-specific vulnerabilities grew more than twofold in 2022. According ...
October 17, 2022
Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations did not properly check the ID type input, which allowed access to database objects that the authenticate ...
October 6, 2022
This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes. Security Fix(es): * cron-utils: template Injection leading ...
October 6, 2022
This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section. Security Fix(es): * graphql-java: DoS ...
October 5, 2022
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authenticatio ...
September 30, 2022
GraphQL is an open-source query and manipulation language for APIs and a server-side runtime built to handle these queries on the application dataset. GraphQL servers often allow other `Content-Type` ...
September 30, 2022
Hi, Spring fans! Welcome to another installment of _This Week in Spring_! It's the last week of _September_, already! The year's more done than not. The days are receding into darkness earlier. And th ...
September 27, 2022