Security Bulletin: CVE-2022-37734 may affect IBM CICS TX Advanced

Summary: WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java. This affects IBM WebSphere Liberty used by IBM CICS TX Advanced. IBM CICS TX Advanced has addres ...

CVSS3 - HIGH

Security Bulletin: CVE-2022-37734 may affect IBM CICS TX Standard

Summary: WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java. This affects IBM WebSphere Liberty used by IBM CICS TX Standard. IBM CICS TX Standard has addres ...

CVSS3 - HIGH

CVE-2023-0886

A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue descript ...

Q4-2022 API ThreatStats™ Report

We’re pleased to present the latest quarterly review and analysis of API vulnerabilities and exploits. This time, we’re going to split our discussion into two parts: today this quarterly rev ...

CVSS3 - CRITICAL

CVSS2 - HIGH

A Bootiful Podcast: Avalara’s Kumaresan Muthaliar on GraphQL in the heavily regulated, data intensive domain of tax

Hi, Spring fans! In this installment Josh Long (@starbuxman) talks to Kumaresan Muthaliar, senior technical lead at Avalara, about GraphQL in the heavily regulated, data intensive domain of ta ...

This Week in Spring – February 21, 20223

Hi, Spring fans! Welcome to another installment of _This Week in Spring_! How're you? I almost forgot today was Tuesday! Here in the US, we had a three day weekend for President's day, and also I've b ...

File Access Bypass

graphql-mesh/cli and graphql-mesh/http are vulnerable to File Access Bypass. The vulnerability is due to the `staticFiles` parameter in the configuration file being set to `serve`, which allows an att ...

Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler

Summary: Missing check vulnerability in the static file handler allows any client to access the files in the server's file system. Details: When `staticFiles` is set in the `serve` settings in th ...
