Wallarm Lab
added 2024/09/26 4:3 p.m., 21 views

Deep Dive into the Latest API Security Vulnerabilities in Envoy

Envoy has carved out a critical role in cloud-native computing, becoming increasingly prevalent as the default ingress controller for Kubernetes. This high-performance proxy, developed by Lyft and now part of the Cloud Native Computing Foundation’s arsenal, is integral for companies scaling up...

CVSS 7.5, AI score 8.6, EPSS 0.00248
Exploits: 1
RedHat Linux
added 2024/07/08 2:57 a.m., 271 views

Low: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security and bug fix update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide...

CVSS 6.2, AI score 6.8, EPSS 0.00626
Exploits: 0, References: 3
RedhatCVE
added 2024/04/04 5:25 p.m., 30 views

CVE-2024-26787

A flaw affecting the STM32 MMC/SD card driver was found in the Linux kernel. This issue is caused by improper handling of Direct Memory Access (DMA) mappings, resulting in overlapping memory regions. This overlap can trigger warnings and lead to potential memory corruption or unstable behavior...

CVSS 5.5, AI score 8.3, EPSS 0.00012
Exploits: 0, References: 4
Tenable Nessus
added 2024/02/02 12:0 a.m., 11 views

Express.js Authentication Bypass

Express.js is a popular web framework for Node.js. Google Extensible Service Proxy (ESP) is a scalable proxy provided by the Google Cloud Platform (GCP) used to provide API management features based on an OpenAPI or gRPC API backend. When an Express.js API is deployed with case insensitive routing se...

AI score 7.8
Exploits: 0, References: 2
Tenable Nessus
added 2024/02/02 12:0 a.m., 12 views

Google Extensible Service Proxy 2.20.0 < 2.43.0 Authentication Bypass

Google Extensible Service Proxy (ESP) is a scalable proxy provided by the Google Cloud Platform (GCP) used to provide API management features based on an OpenAPI or gRPC API backend. ESP versions starting 2.20.0 and before 2.43.0 suffer from an authentication bypass vulnerability. By crafting a...

CVSS 9.8, AI score 7.7, EPSS 0.00178
Exploits: 0, References: 3
The Hacker News
added 2023/11/17 9:56 a.m., 57 views

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27 package...

AI score 7.6
Exploits: 0
RedHat Linux
added 2023/11/16 12:15 p.m., 21 views

Important: Red Hat Enhancement Advisory: Red Hat 3scale API Management 2.13.7 Release - Container Images

Red Hat 3scale API Management 2.13.7 Release - Container Images. Release of 3scale API Management components provides these changes:...

CVSS 7.5, AI score 7.1, EPSS 0.94395
Exploits: 19
OSV
added 2023/11/14 12:0 a.m., 28 views

ALSA-2023:6980 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

CVSS 8.2, AI score 7.2, EPSS 0.0003
Exploits: 1, References: 6
The Hacker News
added 2023/10/24 10:59 a.m., 37 views

Make API Management Less Scary for Your Organization

While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management infrastructure with these legacy models still poses challenges for organizations as they modernize. Transitioning...

AI score 6.8
Exploits: 0
CNNVD
added 2023/09/12 12:0 a.m., 3 views

Red Hat 3scale API Management Platform Security Vulnerability

Red Hat 3scale API Management Platform is an API management infrastructure platform from Red Hat. It enables rapid API sharing, protection, distribution, control, and monetization. A security vulnerability exists in Red Hat 3scale API Management Platform, which originates from a user logging out...

CVSS 5.5, AI score 6.9, EPSS 0.00043
Exploits: 0, References: 4
Wallarm Lab
added 2023/06/19 3:15 p.m., 35 views

GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845

This post delves into a very impactful JWT Authentication Bypass vulnerability (CVE-2023-30845) found in ESP-v2, an open-source service proxy that provides API management capabilities using Google Service Infrastructure. This vulnerability allows malicious API clients to bypass JWT authentication...

CVSS 7.5, AI score 7.3, EPSS 0.00178
Exploits: 0
Wallarm Lab
added 2023/05/25 6:10 p.m., 27 views

Find APIs Hiding in the Shadows

What’s hiding in the shadows? It’s a well-understood reality that unmanaged IT assets tend to be unmonitored IT assets, and that both introduce risk. Whether it’s a forgotten application or an unmanaged cloud storage volume, you can’t protect what you don’t know about. Attackers thrive on...

AI score 7.3
Exploits: 0
The Hacker News
added 2023/05/04 1:19 p.m., 3 views

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload...

AI score 7.7
Exploits: 0
The Hacker News
added 2023/05/04 1:19 p.m., 29 views

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload...

AI score 7.9
Exploits: 0
NVD
added 2023/04/26 9:15 p.m., 15 views

CVE-2023-30845

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...

CVSS 9.8, AI score 8.9, EPSS 0.00178
Exploits: 0, References: 4
Prion
added 2023/04/26 9:15 p.m., 26 views

Authentication flaw

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...

CVSS 7.5, AI score 9.5, EPSS 0.00178
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2023/04/26 8:46 p.m., 68 views

CVE-2023-30845

ESPv2 (Google Extensible Service Proxy) versions 2.20.0–2.42.0 are affected by an authentication bypass vulnerability where an attacker can craft a malicious X-HTTP-Method-Override header to bypass JWT authentication when the requested HTTP method is not in the API service definition and the over...

CVSS 9.8, AI score 9.1, EPSS 0.00178
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2023/04/26 8:46 p.m., 17 views

CVE-2023-30845 ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...

CVSS 8.2, AI score 9.8, EPSS 0.00178
Exploits: 0, References: 4
OSV
added 2023/04/26 8:46 p.m., 16 views

CVE-2023-30845 ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header

ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...

CVSS 8.2, AI score 9.4, EPSS 0.00178
Exploits: 0, References: 6
The Hacker News
added 2023/04/13 10:19 a.m., 41 views

Why Shadow APIs are More Dangerous than You Think

Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren't familiar with the term, shadow APIs are a type of application programming interface (API) that isn't officially documented or supported. Contrary...

AI score 7.4
Exploits: 0