Spring Tips: Learn Spring for GraphQL (parts 5 and 6 of an ongoing series)

Hi, Spring fans! In thi^^^ these installments, we continue our series introducing the Spring for GraphQL project. This series features Spring for GraphQL lead Rossen Stoyanchev @rstoya05 - whose work you may know from basically everything in the wide and wonderful world of Springdom having to do...

CVE-2019-1020015

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...

CVE-2019-1020015

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...

Hardcoded credentials

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...

CVE-2019-1020015

CVE-2019-1020015 affects graphql-engine (Hasura GraphQL Engine) prior to 1.0.0-beta.3, which mishandles the audience check during JWT verification. The evidence in connected documents confirms the vendor/product and the root cause without additional exploit details. Remediation is to upgrade to 1...

CVE-2019-1020015

graphql-engine aka Hasura GraphQL Engine before 1.0.0-beta.3 mishandles the audience check while verifying JWT...