GraphQL engines sometimes support combining a group of requests into a single one to try optimizing network performances between the client and the GraphQL server. When supported and enabled, this fea ...
Continue ReadingFebruary 21, 2024
Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and...Read More ...
Continue ReadingFebruary 12, 2024
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6b2cba6a-c6a5-11ee-97d0-001b217b3468 advisor ...
Continue ReadingFebruary 11, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue ReadingFebruary 10, 2024
Gitlab reports: Restrict group access token creation for custom roles Project maintainers can bypass group's scan result policy block_branch_modification setting ReDoS in CI/CD Pipeline Editor wh ...
Continue ReadingFebruary 09, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue ReadingFebruary 08, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue ReadingFebruary 08, 2024
Appwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of...Read More ...
Continue ReadingFebruary 08, 2024
Back to Main