This week, we check out the recent API vulnerabilities at VMware and GitLab, how URL parameters can lead to server-side request forgery (SSRF) vulnerabilities, and the upcoming webinar on some of the recent real-life API security flaws.
Vulnerability: VMware vRealize Operations API
VMware has just patched two critical security issues in their vRealize Operations API. The patched vulnerabilities are CVE-2021-21975 and CVE-2021-21983, and affect the products Cloud Foundation and vRealize Suite Lifecycle Manager.
Read the full article at http://feeds.dzone.com/link/16357/14402140/api-security-weekly-issue-128