“ParseThru” vulnerability allows unauthorized access to cloud-native applications

A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications, Oxeye researchers have found. The source of “ParseThru” – as the newly discovered vulnerability has been dubbed – is the use of unsafe URL parsing methods built in the language. About the “ParseThru” vulnerability GoLang is a popular cloud native programming language. It reduces the number of software development dependencies and … More →

The post “ParseThru” vulnerability allows unauthorized access to cloud-native applications appeared first on Help Net Security.

Thank you for stopping by our page. If you'd like to learn more about this topic, you can find the full article by clicking HERE

« Go-Based Apps Vulnerable to Attacks Due to URL Parsing Issue

Trend Micro’s Zero Day Initiative Extends Leadership in Public Vulnerability Disclosures »

Other cyber news you might have missed:

Finance Sector Deals Latest Blow to Cyber Solarium Construct Teetering in NDAA10 months ago
Congress will return from the August recess faced once again with the challenge of building cybersecurity policy for private providers …
Podcast: The latest in charity cyber security1 month ago
In 2022, 30% of charities were able to identify a cyber attack that happened over the last year, with almost …
Meredith Atkinson, Author at Security Boulevard7 months ago
This Week in Malware – Over 50 Packages Discovered · New text2shell RCE vulnerability in Apache Common Texts CVE-2022-42889. Thank …
Personal data of 254K Medicare beneficiaries at risk after breach – Homenewshere.com2 months ago
“However, it was not until December 1, 2022, that CMS made the determination that the data breach constituted a 'major …
Tasmanian Education Department hit by data breach | The Educator K/122 months ago
The Tasmanian Department for Education, Children, and Young People (DECYP) has released an update regarding a potential data breach from …

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

HUMAN FIREWALL

EMPOWERING THE FIRST LINE OF DEFENSE

“ParseThru” vulnerability allows unauthorized access to cloud-native applications