CVE-2023-41081 - Authentication Bypass in Apache Tomcat Connectors (mod_jk) Explained in Simple Terms
Date disclosed: 2023-09-13
Updated summary: 2023-09-28
Impacted Software: Apache Tomcat Connectors (mod_jk) 1.2. – 1.2.48
Fixed in: mod_jk version 1.2.
CVE-2023-40712 - Unmasking Secret Configurations in Apache Airflow Before 2.7.1
Apache Airflow is an open-source tool used by thousands of companies to programmatically author, schedule, and monitor workflows. However, a critical vulnerability has been discovered
CVE-2023-40611 - How Authenticated Users Could Tamper with DAG Run Details in Apache Airflow <2.7.1
Apache Airflow is a popular open-source platform for workflow orchestration. It’s used by data engineers and teams across many industries for automation and scheduling.
CVE-2023-39264 - Apache Superset Stack Trace Exposure in REST API (Up to 2.1.) – Exploit Details and Security Insights
Date: June 2024
Author: [Exclusive Post for Your Eyes Only]
Apache Superset is one of the most popular open-source data exploration and visualization platforms in
CVE-2023-36387 - How Improper Default REST API Permissions in Apache Superset Expose Sensitive Database Operations
---
Introduction
In June 2023, a significant security issue was disclosed in Apache Superset—an open-source data visualization and exploration platform. The vulnerability, identified as