HTTP

Vulnerabilities

Issued by: Security Week

Messaging and queuing middleware, IBM MQ provides enterprise-grade messaging between applications, enabling the transfer of data between programs and the sending of messages to multiple subscribers. Two security issues were resolved in IBM MQ this week, both residing within the libcurl library. Both flaws can be exploited remotely, IBM notes in an advisory. Tracked as…

Vulnerabilities

Issued by: Security Week

Go, or Golang, is an open source programming language designed for building reliable and efficient software at scale. Supported by Google, Go is leveraged by some of the world’s largest companies and it’s often used to develop cloud-native apps, including for Kubernetes. Oxeye researchers have conducted an analysis of Go-based cloud-native applications and discovered an…

Vulnerabilities

Issued by: Security Week

A total of 68 high-severity flaws were identified in Cisco’s Small Business RV110W, RV130, RV130W, and RV215W routers, but the company says patches won’t be released, because these devices have reached end-of-life (EOL). The last day for software maintenance releases and bug fixes was December 1, 2020. The security bugs exist because user-supplied input to…

Network Security

Issued by: Security Week

Set to be introduced in Chrome 86, the feature targets the so-called mixed forms (they are found on HTTPS pages that submit over HTTP), which are considered a risk to users’ security and privacy. Because the data transmission is not performed over a secure connection, the information introduced by the user in those forms is…