CVE-2024-47401 - Amplified GraphQL Response in Mattermost Playbooks Can Crash Your Server
On May 8, 2024, a new vulnerability—CVE-2024-47401—was published, affecting several versions of Mattermost, the popular open-source collaboration and messaging platform. This vulnerability can
CVE-2024-4472 - GitLab Dependency Proxy Credentials Leak via GraphQL Logs — In-Depth Analysis and Exploit Example
In June 2024, GitLab disclosed a sensitive security issue, now tracked as CVE-2024-4472. If you use GitLab's Dependency Proxy
CVE-2024-34152 - Exploiting Mattermost Playbook Metadata Leak via RHSRuns GraphQL Query
In May 2024, a significant vulnerability was found in Mattermost, a popular self-hosted messaging platform used by many businesses and open-source communities. Cataloged as CVE-2024-34152,
CVE-2024-32971 - Apollo Router Cache Bug Can Execute Wrong Operations (Explained, With Exploit Scenario)
CVE-2024-32971 is a recently disclosed vulnerability in Apollo Router, a popular Rust-based graph router used to run federated supergraphs with Apollo Federation 2. This bug
CVE-2024-28101 - How Highly Compressed HTTP Payloads Could Crash Your Apollo Router—and How to Fix It
If you use Apollo Router, you should pay close attention to CVE-2024-28101. This newly disclosed Denial-of-Service (DoS) vulnerability could let attackers eat up tons of