Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL mutations. An attacker can exploit this vulnerability to perform Git actions even if they are not authorized to do so...

Security Bulletin: IBM PowerVM Novalink is vulnerable because GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer overflow. (CVE-2023-28867)

Summary IBM PowerVM Novalink is vulnerable because GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially crafted GraphQL query, a remote attacker could exploit this vulnerability to cause a stack consumption. Vulnerability Details...

A Data Exfiltration Attack Scenario: The Porsche Experience

As part of Checkmarx's mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy Disclosure Policy1, it was considered in scope for...

Improper Permission Checks

directus is vulnerable to Improper Permission Checks. The vulnerability exists because the permission filters such as usercreated IS $CURRENTUSER are not properly checked in the library when using a GraphQL subscription, allowing an attacker to get a subscription event for which they do not have...

Incorrect Permission Checking for GraphQL Subscriptions

Summary CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Access to information you should not have access to when the permissions rely on $CURRENTUSER for filtering. Details The permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL...

GHSA-GGGM-66RH-PP98 Incorrect Permission Checking for GraphQL Subscriptions

Summary CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Access to information you should not have access to when the permissions rely on $CURRENTUSER for filtering. Details The permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL...

CVE-2023-38503

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL subscription resulting in unauthorized users getting event o...

CVE-2023-38503 Directus has Incorrect Permission Checking for GraphQL Subscriptions

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL subscription resulting in unauthorized users getting event o...

CVE-2023-38503 Directus has Incorrect Permission Checking for GraphQL Subscriptions

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL subscription resulting in unauthorized users getting event o...

CVE-2023-38503

Directus (real-time API/dashboard for SQL data) has an authentication/authorization flaw in GraphQL subscriptions. From version 10.3.0 up to, but not including, 10.5.0, permission filters like user_created IS $CURRENT_USER are not properly enforced for subscription events, allowing unauthorized u...

CVE-2023-38503 Directus has Incorrect Permission Checking for GraphQL Subscriptions

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters i.e. usercreated IS $CURRENTUSER are not properly checked when using GraphQL subscription resulting in unauthorized users getting event o...

Directus 信息泄露漏洞

Directus is a real-time Api and application dashboard. It is used to manage Sql database content. An information disclosure vulnerability exists in Directus versions prior to 10.3.0 through 10.5.0, which stems from improper permission checking of GraphQL subscriptions, resulting in an information...

PT-2023-26483 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions 10.3.0 through 10.4.x Description: The issue concerns the improper checking of permission filters when using GraphQL subscriptions, resulting in unauthorized users receiving events they should not have access to. This affect...

Denial Of Service (DoS)

gitlab is vulnerable to Denial Of Service DoS. The vulnerability exists due to the lack of length validation of the library, which allows an attacker to create large issue descriptions via GraphQL, leading to an application crash...

Security Bulletin: CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Standard

Summary Summary: CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by a...

Security Bulletin: CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM TXSeries for Multiplatforms

Summary CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service,...

Security Bulletin: CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Advanced

Summary CVE-2023-28867 may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by a stack-based...

Security Bulletin: Vulnerabilities have been identified in OpenSSL, Apache HTTP Server and other system libraries shipped with the DS8000 Hardware Management Console (HMC)

Summary IBM DS8900 Management Console is affected by Open Source expat CVE-2022-43680, libxml2 CVE-2022-40303, CVE-2022-40304, dbus CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, httpd CVE-2023-25690, systemd CVE-2022-4415, OpenSSL CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286,...

GHSA-H9WQ-XCQX-MQXM Vendure Cross Site Request Forgery vulnerability impacting all API requests

Impact Vendure is an e-commerce GraphQL framework with a number of APIs and different levels of authorization. By default the Cookie settings are insecure, having the SameSite setting as false which results in not having one originates from the cookie-session npm package’s default settings. Patch...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to GraphQL - CVE-2023-28867

Summary Vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty when the feature mpGraphQL-1.0 or mpGraphQL-2.0 is enabled. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: Jazz...