CVE-2023-41317 - Apollo Router Denial-of-Service Vulnerability in GraphQL Subscriptions
Attention Apollo Router users! A vulnerability has been found in certain versions of Apollo Router dealing with GraphQL subscriptions, which could lead to denial-of-service attacks.
CVE-2023-40027 - Keystone Headless CMS Unrestricted adminMeta GraphQL Query Access Vulnerability
Introduction: Keystone is a popular open source headless CMS for Node.js, which leverages the power of GraphQL and React. Recently, a security vulnerability (CVE-2023-40027)
CVE-2023-38503 - Unauthorized Access to Directus User Data through GraphQL Subscriptions
Directus is a popular real-time API and App dashboard that is commonly used for managing SQL database content. However, a recent vulnerability has been discovered
CVE-2023-34235: Strapi Private Fields Leak through Prefix Change in Knex Query
In Strapi, an open-source headless content management system (CMS), versions prior to 4.10.8 can suffer from a private field leak when using the t(
CVE-2023-0921: Length Validation Vulnerability in GitLab CE/EE, Impacting CPU Performance
A newly discovered security vulnerability (CVE-2023-0921) has been identified in GitLab CE/EE, which affects all versions from 8.3 before 15.10.8, 15.