January 17, 2023

Episode 195 - 2022 CVEs, CORS, GraphQL

Listen Later

59 minutes

Ken (@cktricky) and Seth (@sethlaw) take a step away from the news to review technical articles and research released in the last couple of weeks. This includes analysis done by Jerry Gamblin on total CVEs released during 2022, a new tool for exploiting weak CORS configurations, an excellent writeup on usage along with an intentionally-vulnerable GraphQL application, and finally some thoughts on prototype pollution style vulnerabilities in other interpreted languages (specifically python).

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Absolute AppSec

By Ken Johnson and Seth Law

4.9

1717 ratings

January 17, 2023

Episode 195 - 2022 CVEs, CORS, GraphQL

Listen Later

59 minutes

Ken (@cktricky) and Seth (@sethlaw) take a step away from the news to review technical articles and research released in the last couple of weeks. This includes analysis done by Jerry Gamblin on total CVEs released during 2022, a new tool for exploiting weak CORS configurations, an excellent writeup on usage along with an intentionally-vulnerable GraphQL application, and finally some thoughts on prototype pollution style vulnerabilities in other interpreted languages (specifically python).

...more

More shows like Absolute AppSec

Stuff You Should Know by iHeartPodcasts

Stuff You Should Know

78,688 Listeners

Planet Money by NPR

Planet Money

30,609 Listeners

Risky Business by Risky Business Media

Risky Business

371 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,077 Listeners

Application Security Weekly (Audio) by Mike Shema

Application Security Weekly (Audio)

13 Listeners