The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via...Read More ...
Continue Reading
May 23, 2025
Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's respon ...
Continue Reading
May 23, 2025
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Version ...
Continue Reading
May 23, 2025
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Version ...
Continue Reading
May 23, 2025
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the trans ...
Continue Reading
May 23, 2025
Agoo before 2.14.3 does not reject GraphQL fragment spreads that form cycles, leading to an application crash. NOTE: the vendor has disputed this on the grounds that it is not the server's respon ...
Continue Reading
May 23, 2025
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via...Read More ...
Continue Reading
May 23, 2025
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the trans ...
Continue Reading
May 23, 2025
Back to Main
