3128 matches found
CVE-2024-47173
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue...
CVE-2024-47173 Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue...
CVE-2024-47173
CVE-2024-47173 describes a denial-of-service vulnerability in Aimeos where all SaaS and marketplace deployments using the GraphQL API admin interface (Aimeos) from versions 2024.04 up to 2024.07.1 are affected. The issue arises from improper handling in the GraphQL admin API, leading to an attack...
CVE-2024-47173 Aimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setups
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue...
Privilege Context Switching Error
Overview aimeos/ai-admin-graphql is an Aimeos Admin GraphQL API extension Affected versions of this package are vulnerable to Privilege Context Switching Error through the SaaS and marketplace setups. An attacker can disrupt service availability by overwhelming the system with requests. Note: The...
ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups
All SaaS and marketplace setups using Aimeos version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack...
Important: Red Hat Security Advisory: Red Hat build of Cryostat security update
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
CVE-2024-50311
A denial of service DoS vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
CVE-2024-50311
A denial of service DoS vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
CVE-2024-50312
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
CVE-2024-50312
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
CVE-2024-50312 Graphql: information disclosure via graphql introspection in openshift
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
CVE-2024-50312 Graphql: information disclosure via graphql introspection in openshift
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
CVE-2024-50312
CVE-2024-50312 is an Information Disclosure via GraphQL Introspection vulnerability in OpenShift. The connected Red Hat advisory notes that OpenShift Container Platform 4.x releases including 4.16.30 and 4.17.12 were patched to fix this issue, which allowed unauthorized users to enumerate availab...
CVE-2024-50311
CVE-2024-50311 affects OpenShift GraphQL batching, causing DoS through requests with thousands of aliases. Red Hat’s advisory RHSA-2024:6122 confirms a security update for OpenShift Container Platform 4.18.1 that addresses this issue; the CVSS base score is MEDIUM with availability impact. The af...
CVE-2024-50311 Graphql: denial of service (dos) vulnerability via graphql batching
A denial of service DoS vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
CVE-2024-50311 Graphql: denial of service (dos) vulnerability via graphql batching
A denial of service DoS vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
CVE-2024-50312
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
CVE-2024-50311
A denial of service DoS vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in o...
Red Hat OpenShift 信息泄露漏洞
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. An information disclosure vulnerability exists in Red Hat OpenShift that stems from improper access control to GraphQL introspection...