API Security Trends. Quarterly Review of API Vulnerabilities
API security is a hot topic, but we often hear “how real is the threat, really?” This inaugural quarterly review is designed to address this question.
This work is based on research of API security issues and exploits that were disclosed in Q1 2022. We explain what issues were found, and which vendors and products were affected. We map these issues across industry standards, including CWEs, CVEs, both OWASP Top-10 and API OWASP Top-10, and CVSS scores.
In Q1, researchers found and reported at least 18 high risk, 19 medium risk and 11 low risk vulnerabilities in 30 products, including Grafana, Veeam, Zabbix, and Istio. Read this report to learn more.