CVE-2022-43985 - How an Open Redirect in Apache Airflow’s `/confirm` Endpoint Could Expose Your Users
In today’s security-conscious world, even small missteps in web applications can open the door to big troubles. CVE-2022-43985 is a great case in point
CVE-2022-43982 - How XSS Sneaked Into Apache Airflow’s “Trigger DAG with Config” Screen
With Apache Airflow powering complex data pipelines for thousands of companies, any security flaw in it can ripple across the data world. CVE-2022-43982 is a
CVE-2022-38381 - How Attackers Bypass FortiADC WAF Filters with Malformed Requests
FortiADC is a popular Application Delivery Controller made by Fortinet, often used to balance the load and protect web applications. In 2022, a critical vulnerability—
CVE-2022-31777 - Exploiting Stored XSS in Apache Spark UI through Malicious Log Messages
Apache Spark is one of the most popular open-source engines for distributed data processing. It’s used in everything from data analysis to machine learning,
CVE-2022-42252 - Apache Tomcat’s Smuggling Time Bomb – Explaining the Vulnerability, Exploit Steps, and Prevention
Apache Tomcat is one of the internet’s most trusted open-source web servers for running Java applications. But like all software, Tomcat can sometimes give