CVE-2022-31813 HTTP Server may not send X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.
Apache HTTP Server software versions earlier than 2.4.53 are therefore potentially vulnerable to XSS attack. To protect against this issue update on your
CVE-2022-26134 - Simple Exploit and Deep Dive on the Confluence OGNL Injection Vulnerability
CVE-2022-26134 is a critical security vulnerability found in Atlassian’s Confluence Server and Data Center. It allows an attacker, with no need to log in
CVE-2022-30503 Nginx 0.7.2 has a segmentation violation in the function njs_set_number at src/njs_value.h
When this vulnerability is exploited by an attacker, the attacker may be able to cause the server to crash, leak memory, or execute arbitrary code.
CVE-2022-30973 - How a Missed Fix Left Apache Tika’s StandardsExtractingContentHandler Vulnerable
In the fast-moving world of open source, patching security holes is an ongoing challenge—especially when older branches and non-standard features are involved. Let’s
CVE-2022-1348 Logrotate's state file is vulnerable to lock acquisition and release. This could allow for parallel logrotate execution.
The flaw can be exploited by a local attacker by writing log files that cause a specific sequence of actions. On systems that do not
Episode
00:00:00
00:00:00