CVE-2022-25892 Packages 2.6.1, 3.0.0, and 3.1.1 of muhammara are vulnerable to DoS when supplied with a maliciously crafted PDF file.
This can lead to a crash in the application or to a situation where the package is no longer able to parse the incoming PDF
CVE-2022-2572 In affected versions of Octopus Server, it was possible that the API key/keys of a deleted user were still valid.
As a result, it was possible for that user or group to request access to the API via the management interface. Fixed in Version 3.
CVE-2022-26884 - File Read Vulnerability in Apache DolphinScheduler Log Server - How Attackers Can Steal Sensitive Files
A serious security issue was discovered in Apache DolphinScheduler before version 2..6. This vulnerability, tracked as CVE-2022-26884, allows anyone to read *any file* on
CVE-2022-39944 - Remote Code Execution in Apache Linkis via MySQL Connector/J Deserialization Flaw
---
Published: 2024-06-24
Severity: High
Affected: Apache Linkis <= 1.2.
Apache Linkis is a powerful “computing middleware” often used in Big Data platforms to
CVE-2022-42468 - Remote Code Execution in Apache Flume's JMS Source Explained
In late 2022, the security community flagged a major vulnerability in Apache Flume, a widely used tool for aggregating and moving large logs and data
Episode
00:00:00
00:00:00