CVE-2023-31122 - Out-of-bounds Read in mod_macro of Apache HTTP Server (through 2.4.57)
At the heart of the internet, Apache HTTP Server is one of the world’s most popular web servers. Millions of websites and applications rely
CVE-2023-44483 - Info Leak in Apache Santuario - XML Security for Java (Private Key Disclosure)
A critical vulnerability has surfaced in Apache Santuario - XML Security for Java, tracked as CVE-2023-44483. All versions before 2.2.6, 2.3.4,
CVE-2023-42792 - How Apache Airflow Users Could Escalate Privileges and Manipulate DAGs
Apache Airflow is a powerful open-source platform for orchestrating complex workflows and data pipelines. But with great power comes the responsibility to keep your pipelines
CVE-2023-45348 - How Authenticated Attackers Can Leak Apache Airflow Config With “expose_config” Mistake
Apache Airflow is a hugely popular open-source platform for orchestrating complex workflows. But even the best tools sometimes have security issues. In this article, I’
CVE-2023-44981 - Authorization Bypass in Apache ZooKeeper Lets Attackers Join Your Cluster
Cluster security is a critical part of production infrastructure, and a newly disclosed vulnerability—CVE-2023-44981—puts Apache ZooKeeper deployments at severe risk. This vulnerability allows