Read the original article: API Security Weekly: Issue #128
This week, we check out the recent API vulnerabilities at VMware and GitLab, how URL parameters can lead to server-side request forgery (SSRF) vulnerabilities, and the upcoming webinar on some of the recent real-life API security flaws.
Vulnerability: VMware vRealize Operations API
VMware has just patched two critical security issues in their vRealize Operations API. The patched vulnerabilities are CVE-2021-21975 and CVE-2021-21983, and affect the products Cloud Foundation and vRealize Suite Lifecycle Manager.
Read the original article: API Security Weekly: Issue #128