**Summary:** Hello HackerOne security team :-) For a while now I have been monitoring H1 js files. I've just noticed some new GraphQL queries about `HackerOne Copilot`. While this feature has not yet ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the v ...
Continue Reading
December 15, 2023
Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 befor ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the v ...
Continue Reading
December 15, 2023
In today's digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled with challenges and choices. In this blog p ...
Continue Reading
December 15, 2023
Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large qu ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the v ...
Continue Reading
December 15, 2023
Summary IBM Edge Application Manager 4.5.3 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is vulnerable to cross- ...
Continue Reading
December 15, 2023
Back to Main
