Denial of Service (DoS) attacks in GraphQL APIs are nothing new. It turns out that when you let clients control what data they want to receive from the server, malicious users try to abuse this flexibility to exhaust resources. Who
It seems like developers working on REST APIs have finally come to terms with the dangers of verbose error messages, but GraphQL developers are still learning what happens when their API schema is left unprotected. In March 2022, CVE-2021-4191 disclosed
Every several years, a boring old problem becomes relevant again, typically because those who develop new technologies fail to learn lessons from the mistakes of those who developed old ones. This is apparently the case with Cross-Site Request Forgery (CSRF)
©2024 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
