0x566164696D
0x566164696D
**Product** Graphite **Product Version** Current master branch **Environment** docker graphiteapp/graphite-statsd. Builded from the current master branch. **Vulnerability** Reflected cross-site scripting (XSS) **Severity** Medium **Description** Cross-site scripting is a type of...
Information about the "path" is missing for the following events: "request body has an error: doesn't match schema" "value is required but missing" "Shadow API: undefined parameters found" This makes...
The use of line breaks significantly complicates parsing with popular log collection tools (such as OpenObserve, Filebeat, Logstash, Fluentd, Vector, etc). Some events, for example, "request validation error", are split...
It has been noticed that the request_id is incremental, leading to issues when running multiple API-Firewall containers and using log collection systems (such as OpenObserve). Consequently, unrelated events may be...
There are several methods of load balancing traffic using DNS: - Round robin DNS - Returning the IP address of a live host in response to a DNS query -...
In most cases, it is not possible to immediately launch API-Firewall in BLOCK mode; we have to start in monitoring mode, analyze logs, and make changes to the OAS, which...
Currently, it is necessary to restart the API Firewall to use the new version of the specification, which causes connection disruptions. This setup complicates integration into the infrastructure and ensures...
The published OAS might be protected by authentication. It would be great to have the ability to add custom headers to requests for retrieving OAS via URL.
Please add the line number to the log in case of an OAS parsing error.