gRPC - API Security Blog

[SECURITY] Fedora 40 Update: rust-tonic-build-0.12.3-1.fc40

Codegen module of tonic gRPC...Read More ...

October 20, 2024

[SECURITY] Fedora 40 Update: rust-tonic-0.12.3-1.fc40

A gRPC over HTTP/2 implementation focused on high performance, interoperability, and...Read More ...

October 20, 2024

[SECURITY] Fedora 41 Update: rust-tonic-0.12.3-1.fc41

A gRPC over HTTP/2 implementation focused on high performance, interoperability, and...Read More ...

October 16, 2024

[SECURITY] Fedora 41 Update: rust-tonic-build-0.12.3-1.fc41

Codegen module of tonic gRPC...Read More ...

October 16, 2024

(RHSA-2024:8023) Important: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements

This release includes security, bug fixes, and enhancements. Security Fix(es): axios: axios: Server-Side Request Forgery (CVE-2024-39338) express: Improper Input Handling in Express Redirects (CVE ...

October 14, 2024

CVE-2024-47616

Pomerium is an identity and context-aware access proxy. The Pomerium databroker service is responsible for managing all persistent Pomerium application state. Requests to the databroker service API ar ...

October 08, 2024

Security Bulletin: IBM Maximo Application Suite uses grpc-js-1.8.21.tgz which is vulnerable to CVE-2024-37168

Summary IBM Maximo Application Suite uses grpc-js-1.8.21.tgz which is vulnerable to CVE-2024-37168. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Detail ...

October 07, 2024

CVE-2024-47616 Pomerium’s service account access token may grant unintended access to databroker API

Pomerium is an identity and context-aware access proxy. The Pomerium databroker service is responsible for managing all persistent Pomerium application state. Requests to the databroker service API ar ...

October 03, 2024