CVE-2022-43985 – Apache Airflow Open Redirect Vulnerability in `/confirm` Endpoint Exposed
---
A new vulnerability has been identified in Apache Airflow, a popular open-source platform to programmatically author, schedule, and monitor workflows. Designated as CVE-2022-43985, this
CVE-2022-43982 - Apache Airflow XSS Vulnerability in "Trigger DAG with config" Screen
Apache Airflow is a popular open-source platform designed to programmatically manage, monitor, and execute complex workflows. Recently, an issue has been reported under the identifier
CVE-2022-31777: Stored Cross-Site Scripting (XSS) Vulnerability in Apache Spark: Exploit Details, Code Snippets, and References
A stored cross-site scripting (XSS) vulnerability (CVE-2022-31777) exists in Apache Spark 3.2.1 and earlier, as well as version 3.3.. This security flaw
CVE-2022-34662 - Path Traversal Vulnerability Discovered in Resource Center - Patch Available for Versions 3.. and Higher
A new vulnerability labeled as CVE-2022-34662 has been identified in some versions of the Resource Center. This vulnerability exposes a potential path traversal issue when
CVE-2022-42252: Apache Tomcat Request Smuggling Attack via Invalid Content-Length Headers
In this post, we will discuss the vulnerability CVE-2022-42252 affecting Apache Tomcat versions 8.5. to 8.5.82, 9..-M1 to 9..67, 10.
Episode
00:00:00
00:00:00