CVE-2023-40027 - Keystone Headless CMS Unrestricted adminMeta GraphQL Query Access Vulnerability
Introduction: Keystone is a popular open source headless CMS for Node.js, which leverages the power of GraphQL and React. Recently, a security vulnerability (CVE-2023-40027)
CVE-2023-38503 - Unauthorized Access to Directus User Data through GraphQL Subscriptions
Directus is a popular real-time API and App dashboard that is commonly used for managing SQL database content. However, a recent vulnerability has been discovered
CVE-2023-34235: Strapi Private Fields Leak through Prefix Change in Knex Query
In Strapi, an open-source headless content management system (CMS), versions prior to 4.10.8 can suffer from private fields leak when using the t(
CVE-2023-0921: Length Validation Vulnerability in GitLab CE/EE, Impacting CPU Performance
A newly discovered security vulnerability (CVE-2023-0921) has been identified in GitLab CE/EE, which affects all versions from 8.3 before 15.10.8, 15.
CVE-2023-2478: Unauthorized Access and Malicious Runner Attachment in GitLab CE/EE
An alarming security issue has recently been discovered in GitLab CE/EE (Community Edition and Enterprise Edition), affecting numerous versions of the platform. This vulnerability