## Summary: The vulnerability I have found is classified as a Regular Expression Denial of Service. While inspecting the source code file [RealtimeGQLSubscriptionAsync.js](https://www.redditstatic.com ...
June 23, 2022
Elide is a Java library that lets you stand up a GraphQL/JSON-API web service with minimal effort. When leveraging the following together: Elide Aggregation Data Store for Analytic Queries, Parameteri ...
June 23, 2022
IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perform a brute-for ...
June 23, 2022
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumerat ...
June 23, 2022
Compared to other API technologies like REST and GraphQL, gRPC is lightweight and exceptionally robust, thanks in large part to its use of protobufs. Interested in exploring how to build your own API? ...
June 23, 2022
At GitHub, we draw on our own experience using GitHub to build GitHub. As an example of this, we use a number of GitHub Advanced Security features internally. This post covers how we rolled out Depend ...
June 23, 2022
Not only is RSAC back in person, but API security is coming to the forefront. Wallarm, the G2 leader in Application Security, is thrilled to be back at RSAC where we will show off all of our new A ...
June 23, 2022
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename.
June 23, 2022