CVE-2023-42792 - How Apache Airflow Users Could Escalate Privileges and Manipulate DAGs
Apache Airflow is a powerful open-source platform for orchestrating complex workflows and data pipelines. But with great power comes the responsibility to keep your pipelines
CVE-2023-45348 - How Authenticated Attackers Can Leak Apache Airflow Config With “expose_config” Mistake
Apache Airflow is a hugely popular open-source platform for orchestrating complex workflows. But even the best tools sometimes have security issues. In this article, I’
CVE-2023-44981 - Authorization Bypass in Apache ZooKeeper Lets Attackers Join Your Cluster
Cluster security is a critical part of production infrastructure, and a newly disclosed vulnerability—CVE-2023-44981—puts Apache ZooKeeper deployments at severe risk. This vulnerability allows
CVE-2023-45648 - Exploiting Improper Input Validation in Apache Tomcat – Simple Explanation & Practical Examples
In November 2023, security researchers uncovered a significant vulnerability, CVE-2023-45648, in Apache Tomcat - a highly popular open-source Java application server. If you’re running
CVE-2023-42795 - Information Leak in Apache Tomcat Due to Incomplete Cleanup
CVE-2023-42795 is a security vulnerability found in multiple versions of Apache Tomcat. It's classified as an "Incomplete Cleanup" issue, potentially allowing
Episode
00:00:00
00:00:00