CVE-2023-36387 - An In-Depth Analysis of an Improper Default REST API Permission for Gamma Users in Apache Superset (Up to and Including 2.1.) That Allows Testing Database Connections
Abstract: Apache Superset is a popular open-source data exploration and visualization platform. Improper default REST API permissions for Gamma users can lead to a significant
CVE-2023-40743 - Potential Security Risks When Integrating Apache Axis 1.x with Untrusted Inputs
Recently, concerns have emerged regarding the potential security risks associated with the integration of Apache Axis 1.x in an application. Specifically, the use of
CVE-2023-41080 - URL Redirection to Untrusted Site ('Open Redirect') Vulnerability in Apache Tomcat FORM Authentication
The popular web server Apache Tomcat has been identified to have a URL Redirection to Untrusted Site ('Open Redirect') vulnerability (CVE-2023-41080) in its
CVE-2023-34040: Spring for Apache Kafka Deserialization Vulnerability and Mitigation
A recently discovered vulnerability (CVE-2023-34040) in Spring for Apache Kafka versions 3..9 and earlier, as well as versions 2.9.10 and earlier, has
CVE-2022-44729: Mitigating the SSRF Vulnerability in Apache XML Graphics Batik 1.16
The Apache Software Foundation recently announced a significant vulnerability in Apache XML Graphics Batik, affecting version 1.16. This vulnerability is classified as CVE-2022-44729 and