CVE-2023-44483: Private Key Disclosure Vulnerability in Apache Santuario - XML Security for Java (Versions Prior to 2.2.6, 2.3.4, and 3..3) Using JSR 105 API
INTRODUCTION
A significant vulnerability (CVE-2023-44483) has been discovered in Apache Santuario - XML Security for Java that impacts all its versions prior to 2.2.
CVE-2023-42792 - Apache Airflow Security Vulnerability: Unauthorized Access to DAG Resources
In this post, we will discuss a security vulnerability (CVE-2023-42792) that affects Apache Airflow in versions prior to 2.7.2. Apache Airflow is a
CVE-2023-45348 - Apache Airflow Vulnerability: Sensitive Configuration Exposure in Versions 2.7. and 2.7.1
The Apache Airflow project is an open-source platform designed to programmatically author, schedule, and monitor workflows. Recently, a vulnerability has been discovered in Apache Airflow
CVE-2023-44981 - Authorization Bypass Through User-Controlled Key Vulnerability in Apache ZooKeeper
A critical vulnerability has been discovered in Apache ZooKeeper that allows unauthorized users to bypass authentication and control ZooKeeper nodes, potentially accessing and manipulating sensitive
CVE-2023-45648: Addressing Improper Input Validation Vulnerability in Apache Tomcat Versions 11..-M1 to 11..-M11, 10.1.-M1 to 10.1.13, 9..-M1 to 9..81, and 8.5. to 8.5.93
Apache Tomcat has identified an Improper Input Validation vulnerability (CVE-2023-45648) in several versions of its software that could result in request smuggling when used behind
Episode
00:00:00
00:00:00