GraphQL engines sometimes support combining a group of requests into a single one to try optimizing network performances between the client and the GraphQL server. When supported and enabled, this fea ...
Continue Reading21 февраля, 2024
Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and...Read More ...
Continue Reading12 февраля, 2024
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6b2cba6a-c6a5-11ee-97d0-001b217b3468 advisor ...
Continue Reading11 февраля, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue Reading10 февраля, 2024
Gitlab reports: Restrict group access token creation for custom roles Project maintainers can bypass group's scan result policy block_branch_modification setting ReDoS in CI/CD Pipeline Editor wh ...
Continue Reading09 февраля, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue Reading08 февраля, 2024
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using ...
Continue Reading08 февраля, 2024
Appwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of...Read More ...
Continue Reading08 февраля, 2024
Back to Main