CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability
These vulnerabilities have been assigned CVSS v3 scores of 8.8.8 and 9.9, respectively. These high scores indicate a high severity for both
CVE-2022-26336 - How a Simple Bug in Apache POI Can Crash Your Application with Out of Memory
In March 2022, a vulnerability was discovered in the Apache POI library, specifically in the poi-scratchpad module. This vulnerability—CVE-2022-26336—might not sound scary at
CVE-2022-23640 - XML Entity Expansion Vulnerability in Excel-Streaming-Reader & How to Stay Safe
If you’re working with spreadsheets in Java, you might know about Excel-Streaming-Reader. It’s a handy library that lets you read really large Excel
CVE-2022-24948 - Exploiting Apache JSPWiki XSS via User Preferences - A Deep Dive
---
Introduction
In the world of web security, Cross-Site Scripting (XSS) remains one of the oldest and most dangerous web application vulnerabilities. In this post,
CVE-2022-24288 Airflow older than 2.2.4 had issues with user-provided params being vulnerable to OS Command Injection.
The issue was fixed in version 2.2.4 by introducing a new feature: parameter validation. To enable parameter validation, set the DAG_VALIDATE_ARGS