Exploit for Insecure Storage of Sensitive Information in Ibexa Ezplatform-Graphql

Read More ...

Continue Reading

CVSS3 - MEDIUM

GraphQL Java vulnerable to stack consumption

In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44 ...

Continue Reading
GraphQL Java vulnerable to stack consumption

In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44 ...

Continue Reading
Thunder – Moderately critical – Access bypass – SA-CONTRIB-2023-007

Thunder is a Drupal distribution for professional publishing. The thunder distribution ships the thunder_gqls module which provides a graphql interface. The module doesn't sufficiently check access wh ...

Continue Reading
CVE-2023-28867

In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44 ...

Continue Reading
CVE-2023-28867

In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44 ...

Continue Reading
Waf-Bypass – Check Your WAF Before An Attacker Does

[![](https://blogger.googleusercontent.com/img/a/AVvXsEgL3MLHu1cARwXIirYVPLX_4TlTK1evGLBNS7jVThufKErSdgIWSx7KQkobRZxVEvGnEi74WWDJ1cziEoefKuvYGqRyDMmQ88CNopkcs5ppKa3rqEqmskizyvmfCyrrR35j97E6sHFYbvqy2Xw ...

Continue Reading
Insights into the New OWASP API Security Top-10 for CISOs

ICYMI, we recently presented **A CISOs Guide to the New 2023 OWASP API Security Update**. In this first of two planned webinars, Stepan Ilyin and Tim Ebbers provided an overview of what’s in and ...

Continue Reading

Back to Main

Subscribe for the latest news: