GraphQL Batching

GraphQL engines sometimes support combining a group of requests into a single one to try optimizing network performances between the client and the GraphQL server. When supported and enabled, this fea ...

Continue Reading
SuiteCRM Unauthenticated Graphql Introspection

Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and...Read More ...

Continue Reading
FreeBSD : Gitlab — vulnerabilities (6b2cba6a-c6a5-11ee-97d0-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6b2cba6a-c6a5-11ee-97d0-001b217b3468 advisor ...

Continue Reading
CVE-2024-1066

An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...

Continue Reading
Gitlab — vulnerabilities

Gitlab reports: Restrict group access token creation for custom roles Project maintainers can bypass group's scan result policy block_branch_modification setting ReDoS in CI/CD Pipeline Editor wh ...

Continue Reading
Design/Logic Flaw

An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...

Continue Reading
CVE-2024-1066

An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...

Continue Reading
CVE-2024-1063

Appwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of...Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: