Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to HTTP header injection and affected by denial of services due to multiple vulnerabilities.

## Summary IBM WebSphere Application Server Liberty for IBM i is vulnerable to an HTTP header injection caused by improper validation, and affected by a denial of service in GraphQL Java, a denial of ...


CVSS3 - HIGH

CVSS2 - MEDIUM

FreeBSD : Gitlab — Multiple Vulnerabilities (ee890be3-a1ec-11ed-a81d-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ee890be3-a1ec-11ed-a81d-001b217b3468 advisor ...

Security Bulletin: Vulnerability in GraphQL Java may affect IBM Robotic Process Automation and result in a denial of service (CVE-2022-37734)

## Summary There is a vulnerability in the Java used by IBM Robotic Process Automation as part of its infrastructure, license management and UMS which may result in a denial of service. (CVE-2022-377 ...


CVSS3 - HIGH

Security Bulletin: FileNet Content Manager GraphQL jackson-databind security vulnerabilities, affected but not vulnerable

## Summary FileNet Content Manager GraphQL jackson-databind security vulnerabilities CVE-2022-42003 and CVE-2022-42004, affected but not vulnerable ## Vulnerability Details **CVEID:** [CVE-2022-42003 ...


CVSS3 - HIGH

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Cloud Pak System (CVE-2022-37734)

## Summary Vulnerability has been identified in WebSphere Application Server Liberty shipped with Cloud Pak System. Information about vulnerability has been published in security bulletin. ## Vulnerab ...


CVSS3 - HIGH

Security Bulletin: Liberty is vulnerable to denial of service due to GraphQL Java affecting IBM TXSeries for Multiplatforms

## Summary Liberty is vulnerable to a denial of service due to GraphQL Java (mpGraphQL-1.0 or mpGraphQL-2.0) caused by an uncontrolled resource consumption flaw. This affects WebSphere Application Ser ...


CVSS3 - HIGH

HackerOne: Private information exposed through GraphQL search endpoints aggregates

**Summary:** Private information can be exposed using `aggs` argument on the `search` and `opportunities_search` endpoints on the GraphQL root node. **Description:** When using the `aggs` argument a ...

CVE-2023-22491

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to ...
