CVE-2023-28708 - How an Apache Tomcat Proxy Setting Could Leak Your Cookies
In 2023, a vulnerability was discovered in popular versions of Apache Tomcat, the Java-based web server and servlet container. The issue—now tracked as CVE-2023-28708—
CVE-2023-26464 - Denial of Service in Apache Log4j 1.x Chainsaw and SocketAppender via Malicious HashObjects
Apache Log4j remains one of the most widely deployed Java logging frameworks, even after the major vulnerabilities discovered in recent years. In this post, we
CVE-2023-23638 - Deserialization Exploit in Apache Dubbo Exposes Systems to Remote Code Execution
In early 2023, security researchers flagged a critical vulnerability—CVE-2023-23638—in Apache Dubbo, a popular Java RPC framework. This flaw is a classic deserialization issue
CVE-2023-27522 - HTTP Response Smuggling in Apache HTTP Server (mod_proxy_uwsgi) Explained
The internet is built on trust. Web servers, like the famous Apache HTTP Server, are at the heart of almost every website you visit. But
CVE-2023-25690 - HTTP Request Smuggling in Apache HTTP Server via mod_proxy Rewrite Rules
A serious vulnerability marked as CVE-2023-25690 was disclosed in Apache HTTP Server, versions 2.4. through 2.4.55, that allows HTTP Request Smuggling attacks.