A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An ap ...
Continue Reading
December 15, 2023
org.springframework.graphql:spring-graphql is vulnerable to Information Disclosure. The vulnerability is due to an issue where an application provides a `DataLoaderOptions` instance when registering b ...
Continue Reading
December 15, 2023
Hi, Spring fans! Welcome to another installment of _This Week in Spring_! How are you? It's September 26th, 2023, and I am in sunny Singapore for SpringOne at VMWare Explore Singapore. If you're aroun ...
Continue Reading
December 15, 2023
A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An ap ...
Continue Reading
December 15, 2023
A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An ap ...
Continue Reading
December 15, 2023
Summary: Hello team, While testing the analytics reports functionality for an organization, I realized that organization members can delete reports created for a team they have no access to. If an or ...
Continue Reading
December 15, 2023
@graphql-mesh/runtime is vulnerable to Denial Of Service (DoS). This vulnerability exists due to improper transforms at the root level, allowing an attacker to send duplicate queries with different va ...
Continue Reading
December 15, 2023
A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An ap ...
Continue Reading
December 15, 2023
Back to Main
