April 20, 2017
Related Articles (640)
Security researchers have discovered a vulnerability in the Swagger ecosystem that could result in the exploitation of Web API endpoints when those endpoints or any SDKs designed to access them are generated from a Swagger-based API description. Malicious remote code execution is the main concern.
The World Wide Web can be a charlatan's playground with the potential of accessing reams of personal details and passwords to exploit as they please. Of course, there are secure solutions in place and we can all do our bit to ensure our information remains safe, but in some cases, fraud manages to succeed. Socure is an identity fraud detection service aimed at providing organisations or website owners with the tools to help prevent fraud and ensure that their customers are who they say they are. Socure's API makes it possible to integrate this functionality into websites and applications.
GitHub is now a Common Vulnerabilities and Exposures (CVE) Numbering Authority. This designation will enable GitHub to streamline the reports of vulnerabilities to the National Vulnerability Database (NVD). GitHub can directly assign a CVE ID for security advisories opened in GitHub.