CVE-2022-37866 - Path Traversal Vulnerability in Apache Ivy — Deep Dive & Exploit Details
Apache Ivy, a popular dependency manager for Java, makes it easy to handle and fetch dependencies for your projects from remote repositories. But sometimes, the
CVE-2022-42920 - Breaking Down the Apache Commons BCEL Bytecode Generation Vulnerability
In late 2022, a significant vulnerability—tracked as CVE-2022-42920—was uncovered in the popular Java library Apache Commons BCEL. This bug goes well beyond a
CVE-2022-37865 - Path Traversal Vulnerability in Apache Ivy — How Attackers Could Write Files Anywhere On Your System
Apache Ivy is a popular dependency manager for Java projects, relied upon in many build systems for resolving, retrieving, and managing project dependencies. With the
CVE-2022-44794 Object First has an issue where a remote attacker can execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters.
An issue was discovered in Object First 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash
CVE-2022-33684 - How the Apache Pulsar C++ and Python Clients Exposed Your OAuth2 Credentials
If you use Apache Pulsar with OAuth2 authentication—especially with the C++ or Python client—this long read is for you. In 2022, a